Lead Security Engineer for Information Services Company

Lead Security Engineer for Information Services Company 40 hrs/week, 12+ months

Sorry, the job is expired

Currently, we're looking for a remote Lead Security Engineer for Information Services

Company.

The customer is a global provider of professional information, software solutions, and services for

clinicians, accountants, lawyers, and tax, finance, audit, risk, compliance, and regulatory sectors.

Responsibilities

Ensure compliance with Wolters Kluwer and Divisional Application Security Policies and Standards
Facilitate adoption and integration of SSDLC best practices
Support the tracking, planning, and remediation of application security findings.
Consistently improve application security by leading gradual reduction of the security technical debt, remediate known vulnerabilities
Provide input and advice on Application Security Exception Requests
Responsible for tracking of security program requirements
Responsible for maintaining clear and very active lines of communication with advisors and decision makers during a software development project.
Integrate and maintain threat modeling and security architecture design review as key elements of SDLC per application.
Sign off on security sensitive aspects of architecture and implementation.
Ensure compliance with the Wolters Kluwer Open Source policy and Open Source policy Exception Management process
Assist in facilitating the security training program.

Requirements

Hands-on experience in building Secure SDLC is a must
Good communication skills (must have)
Understanding and ability to explain Secure Development practices
Knowledge of security threats and attack scenarios
The ability to identify application-specific security threats and to correspond mitigating security controls via Threat Modelling
Comfortable with some form of scripting i.e., Python, BASH
Experience using and integrating security testing tools (i.e., SAST, DAST, OSS)
Understanding and practical working experience of DevOps principles, e.g., CI/CD, test automation, shift-left security, cross-functional collaboration, shared responsibility
Understanding of Agile and related types of project mgmt (i.e., Scrum, Kanban)

Secure SDLC

Threat Modeling

Benefits in eligible locations

Colombia

For you

Prepaid Medicine with Colsanitas for you and your legal dependents
MetLife Life Insurance for you
Thousands of projects for top brands
Stable income

For your comfortable work

100% remote work forever
Free licensed software
Possibility to work on your own device (BYOD)
Stable workload
Relocation opportunities
Flexible engagement models

For your growth

Free trainings for technical and soft skills
Free access to LinkedIn Learning platform
Support from a personal Skill Advisor
Language courses
Free access to internal and external e-Libraries
Access to internal communities and competency centers
Certification opportunities

40 hrs/week

Hours per week

12+ months

Project length

Colombia, Mexico

Locations eligible for the position

Jobs
Benefits
How we hire
Blog
About EPAM Anywhere
FAQ
Work with EPAM Anywhere
Anywhere Business
Contact us
Learn & Grow

Looking for something other than remote work?

If you’d like to explore job options beyond just remote work, view all the opportunities we are offering at EPAM Anywhere to give your career the next boost — office positions for all kinds of IT professionals across 35+ countries, unique learning and growth programs, innovation and contribution hubs.

FOR OFFICE POSITIONS
If you feel more comfortable sticking to a more traditional format of work, explore our 1,000+ office positions across 35+ locations.
All office jobs
FOR QA ENGINEERS
Join the community of Functional testing experts to be the first to test the latest apps and get a nice paycheck.
Test.io

English

Privacy Policy
Privacy Notice
Contact Support

Life at EPAM

Select language