Lead software Engineer

Job Description

About Mitsogo

Mitsogo is a global organization that highly values the contributions of each employee. Our ability to attract top talent is a testament to our commitment to fostering a sense of belonging for everyone. We recognize the rapid evolution of technology and society that impacts our industry, and we prioritize equipping our employees with diverse opportunities and empowering them with a wide range of skills.

About Hexnode

Hexnode, the Enterprise software division of Mitsogo Inc., was founded with a mission to simplify the way people work. Operating in over 100 countries, Hexnode UEM empowers organizations in diverse sectors. Fuelling the transformation to a seamless ecosystem of connected tools, Hexnode is revolutionizing the enterprise software and cybersecurity landscape.

Job Overview:

We are seeking a proactive and skilled cyber security specialist typically 7–11 years in information security with at least 2–3 years in a senior or lead capacity with Bachelor’s degree in Computer Science, Cyber Security, or a related technical field.

Responsibilities

• Design secure architecture: Develop and implement secure cloud architecture and configurations on platforms like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
• Implement security controls: Deploy measures such as encryption, firewalls, and access controls to prevent unauthorized access and data breaches.
• Monitor and respond to threats: Continuously monitor the cloud environment for security risks, investigate incidents, and conduct vulnerability assessments and penetration testing.
• Ensure compliance: Conduct regular audits and ensure that cloud deployments adhere to industry-specific regulations and standards, like HIPAA or PCI-DSS.
• Integrate security into DevOps: Embed security practices into the Continuous Integration/Continuous Deployment (CI/CD) pipeline, a practice known as DevSecOps.
• Develop and automate: Write scripts using languages like Python to automate security tasks and improve efficiency.
• Incident response: Develop and practice incident response and disaster recovery plans to respond to security breaches effectively.

Requirements :
SaaS Product Security Architecture: Design and implement a robust security architecture for our multi-tenant SaaS platform. This includes defining security controls for the application, APIs, and microservices.

Data & Tenant Isolation: Lead strategies to ensure strict data isolation between tenants. Implement and manage security measures for multi-tenant databases, including row-level security and data encryption at rest and in transit.

DevSecOps & Secure SDLC: Champion a DevSecOps culture by integrating security into our continuous integration and continuous delivery (CI/CD) pipelines. Conduct threat modeling, static/dynamic code analysis, and vulnerability assessments as part of the software development lifecycle (SDLC).

Identity & Access Management (IAM): Architect and manage a comprehensive IAM program for both internal employees and external customers. This includes single sign-on (SSO), multi-factor authentication (MFA), and a zero-trust framework.

Compliance & Audits: Ensure our cloud and product security posture aligns with industry standards and regulatory requirements critical for SaaS, such as SOC 2, ISO 27001, and GDPR. Act as a primary point of contact for customer security audits and due diligence.

Vulnerability & Threat Management: Oversee vulnerability management for both infrastructure and application layers. Lead incident response planning and execution for security breaches, with a specific focus on the unique challenges of a multi-tenant environment.

Team Leadership & Mentorship: Lead and mentor a team of security engineers and analysts. Provide technical guidance, manage projects, and stay ahead of emerging threats and security technologies relevant to the SaaS landscape.