lead security engineer for information services company
Currently, we're looking for a Remote Lead Security Engineer for Information Services Company.
The customer is a global provider of professional information, software solutions? services for clinicians, accountants, lawyers, tax, finance, audit, risk, compliance and regulatory sectors.
- Ensuring compliance with Wolters Kluwer and Divisional Application Security Policies and Standards
- Facilitating adoption and integration of SSDLC best practices
- Supporting the tracking, planning and remediation of application security findings
- Consistently improving application security by leading gradual reduction of the security technical debt, remediating known vulnerabilities
- Providing input and advice on Application Security Exception Requests
- Responsible for tracking of security program requirements
- Responsible for maintaining clear and very active lines of communication with advisors and decision makers during a software development project.
- Integrating and maintaining threat modeling and security architecture design review as key elements of SDLC per application
- Signing off on security sensitive aspects of architecture and implementation
- Assisting in facilitating the security training program
- Experience using and integrating security testing tools (i.e., SAST, DAST, OSS)
- Hands-on experience in building Secure SDLC is a must
- Good communication skills (must have)
- Understanding and ability to explain Secure Development practices
- Knowledge of security threats and attack scenarios
- The ability to identify application-specific security threats and to correspond mitigating security controls via Threat Modelling
- Comfortable with some form of scripting i.e., Python, BASH
- Understanding and practical working experience of DevOps principles, e.g., CI/CD, test automation, shift-left security, cross-functional collaboration, shared responsibility
- Understanding of Agile and related types of project mgmt (i.e., Scrum, Kanban)
- Proficient English (written and spoken) B2
looking for something else?
Find a vacancy that works for you. Send us your CV to receive a personalized offer.