
lead security engineer for business information company

Secure SDLC, Threat Modeling, Scrum, Kanban, Python, Bash, SAST, DAST, Operations Support Systems (OSS), CI/CD, Test Automation Principles, Security Engineering
Sorry, the job is expired

Currently, we are looking for a remote Lead Security Engineer to join our team.

responsibilities
  • Ensure compliance with the client and Divisional Application Security Policies and Standards
  • Facilitate adoption and integration of SSDLC best practices
  • Support the tracking, planning, and remediation of application security findings
  • Consistently improve application security by leading the gradual reduction of security technical debt and remediating known vulnerabilities
  • Provide input and advice on Application Security Exception Requests
  • Track security program requirements
  • Maintain clear and very active lines of communication with advisors and decision makers during a software development project
  • Integrate and maintain threat modeling and security architecture design review as key elements of the SDLC for each application
  • Sign off on security-sensitive aspects of architecture and implementation
  • Ensure compliance with the client Open Source policy and the Open Source policy Exception Management process
  • Assist in facilitating the security training program

requirements
  • 5+ years of relevant experience
  • Hands-on experience in building a Secure SDLC is a must
  • Good communication skills
  • Understanding of Secure Development practices and the ability to explain them
  • Knowledge of security threats and attack scenarios
  • The ability to identify application-specific security threats and the corresponding mitigating security controls
  • Comfortable with some form of scripting, e.g., Python, Bash
  • Experience using and integrating security testing tools (e.g., SAST, DAST, OSS)
  • Understanding and practical working experience of DevOps principles, e.g., CI/CD, test automation, shift-left security, cross-functional collaboration, shared responsibility
  • Understanding of Agile and related types of project management (e.g., Scrum, Kanban)
  • English level B2+ and higher

benefits for locations

For you

  • Medical insurance package for you and your family
  • Stable income
  • Paid sick leave days

For your comfortable work

  • 100% remote work forever
  • Free licensed software
  • Possibility to work on your own device (BYOD)
  • Stable workload
  • Relocation opportunities
  • Flexible engagement models

For your growth

  • Free trainings for technical, soft, and leadership skills
  • Access to LinkedIn Learning platform
  • Language courses
  • Access to internal and external e-Libraries
  • Certification opportunities
  • Skill advisory service