Back icon

Lead Security Engineer for Information Services Company

Lead Security Engineer for Information Services Company 40 hrs/week, 12+ months
warning.png
Sorry, the job is expired

Currently, we're looking for a remote Lead Security Engineer for Information Services

Company.

The customer is a global provider of professional information, software solutions, and services for

clinicians, accountants, lawyers, and tax, finance, audit, risk, compliance, and regulatory sectors.

Responsibilities

  • Ensure compliance with Wolters Kluwer and Divisional Application Security Policies and Standards
    • Facilitate adoption and integration of SSDLC best practices
      • Support the tracking, planning, and remediation of application security findings.
        • Consistently improve application security by leading gradual reduction of the security technical debt, remediate known vulnerabilities
          • Provide input and advice on Application Security Exception Requests
            • Responsible for tracking of security program requirements
              • Responsible for maintaining clear and very active lines of communication with advisors and decision makers during a software development project.
                • Integrate and maintain threat modeling and security architecture design review as key elements of SDLC per application.
                  • Sign off on security sensitive aspects of architecture and implementation.
                    • Ensure compliance with the Wolters Kluwer Open Source policy and Open Source policy Exception Management process
                      • Assist in facilitating the security training program.

                        Requirements

                        • Hands-on experience in building Secure SDLC is a must
                          • Good communication skills (must have)
                            • Understanding and ability to explain Secure Development practices
                              • Knowledge of security threats and attack scenarios
                                • The ability to identify application-specific security threats and to correspond mitigating security controls via Threat Modelling
                                  • Comfortable with some form of scripting i.e., Python, BASH
                                    • Experience using and integrating security testing tools (i.e., SAST, DAST, OSS)
                                      • Understanding and practical working experience of DevOps principles, e.g., CI/CD, test automation, shift-left security, cross-functional collaboration, shared responsibility
                                        • Understanding of Agile and related types of project mgmt (i.e., Scrum, Kanban)
                                          Secure SDLC
                                          Threat Modeling

                                          Benefits in eligible locations

                                          location.svg
                                          ImageImage

                                          For you

                                          • Prepaid Medicine with Colsanitas for you and your legal dependents 
                                          • MetLife Life Insurance for you 
                                          • Thousands of projects for top brands
                                          • Stable income
                                          ImageImage

                                          For your comfortable work

                                          • 100% remote work forever
                                          • Free licensed software
                                          • Possibility to work on your own device (BYOD)
                                          • Stable workload
                                          • Relocation opportunities
                                          • Flexible engagement models
                                          ImageImage

                                          For your growth

                                          • Free trainings for technical and soft skills
                                          • Free access to LinkedIn Learning platform
                                          • Support from a personal Skill Advisor
                                          • Language courses
                                          • Free access to internal and external e-Libraries
                                          • Access to internal communities and competency centers
                                          • Certification opportunities
                                          hot

                                          40 hrs/week

                                          Hours per week

                                          12+ months

                                          Project length

                                          Colombia, Mexico

                                          Locations eligible for the position