Enterprise Security Solutions Expert

We are Yettel!

Yettel is a part of e&PPF Telecom Group, a partnership between PPF Group and Emirates Telecommunication Group (e&) focused on delivering superior telecom and digital experience to customers across Central and Eastern Europe, that connects over 3 million customers to people, devices and businesses.

We are a company that wants to discover, develop and invest in technology to serve people in the most useful and effective way for them. We want to create the future together with you. That's why we at Yettel are ready to discover and develop your talent and unique skills as we change the world together.

We want to create the future together with you. That's why we at Yettel are ready to discover and develop your talent and unique skills as we change the world together.

Role Overview:

Provide technical assistance and know-how for evaluation, design and planning of enterprise security solutions. Collaborate on the technical definitions and enforce implementation of technical security controls and requirements for enterprise systems, infrastructure and solutions for the application environments of the enterprise architecture in order to protect data against unauthorized, accidental or deliberate modification or disclosure and any other cyber security threats.

Subject matter expert for various security technologies and security solutions of different architecture layers and components – infrastructure, networks, web applications, content management and delivery applications.

Responsibilities:

• Working with Information security team members and business divisions to achieve alignment between information security requirements and business objectives.
• Support designing and implementation of security controls throughout solution delivery lifecycle of the enterprise application architecture.
• Maintain and develop generic security patterns and guidelines to enable applications compliancy with internal standards by integrating security in Application Development and CI/CD pipelines from early stages of the lifecycle.
• Evaluate, on-board and operate security tools such as EDR, SAST/DAST, vulnerability management platforms, open source benchmarking for containers and infrastructure, platforms for assisted pen-testing and automated remediations into the life cycle for multiple technological stacks.
• Contribute in developing features within internally developed Information Security toolset, and integrate those features seamlessly into the DevOps pipelines.
• Drive continuous improvement of security in both the application and microservices layers of the enterprise architecture of business supporting systems.

We expect from you:

• Microservices & Containerization Knowledge: In-depth knowledge of microservices architecture, Kubernetes, and containerization, with hands-on experience in securing containerized environments and managing vulnerabilities.
• Kubernetes Hardening & Evaluation: Good understanding of tools and techniques for evaluating and hardening Kubernetes environments, including Kube-bench, Checkov, and Kubescape for security best practices.
• Vulnerability Management & Dependency Analysis: Expert in managing application vulnerabilities and third-party software dependencies, utilizing tools like Nessus, SonarQube, and SBOM to assess and mitigate security risks.
• Web Application & API Security Expertise: Strong understanding of OWASP Top 10 risks and ability to implement security measures to mitigate those risks in web applications and APIs.
• Security Testing & Integration: Expertise in static and dynamic security testing at scale, including integration of security into CI/CD workflows for continuous security validation in deployment pipelines.
• CI/CD & GitOps: Solid understanding of CI/CD processes and GitOps, enabling efficient and automated software delivery and management in DevOps environments.
• Scripting & Automation Proficiency: Skilled in scripting (e.g., Bash, Python) and automation platforms (e.g., Terraform, Ansible) to streamline security operations and enhance automation.
• Effective Communication: Excellent communication skills, enabling clear articulation of complex security concepts to diverse teams and stakeholders.

Benefits:

• Positive workplace culture where you would receive all the support you need from your peers and managers in order to achieve your personal and team goals
• Annual bonus based on your personal performance
• Preferential prices for mobile devices and accessories
• Unlimited mobile services and mobile internet
• Flexible working hours
• Monthly food and gift vouchers
• Transportation allowance
• Additional health insurance

Over its 20 years history on the Bulgarian market, the company has built a strong track record as a pioneer in wireless and beyond, launching Bulgaria’s first commercial 4G network in 2015, the first VoLTE service in 2018 and paving the way for the development of 5G with the country’s first 5G network test. Yettel’s sector-leading approach to infrastructure has won four consecutive Best in Test certificates awarded by the global gold-standard benchmarking organization umlaut. 
Today, Yettel Bulgaria employs more than 1800 people, operates more than 180 retail stores, with its mobile network covering more than 99% of the Bulgarian population.

Join Yettel now by sending us your up-to-date CV. 

Only shortlisted applicants will be contacted with information about next steps of our selection process.

Applicants are treated with strict confidentiality following the applicable personal data protection legislation.