lead security engineer for information services company

Secure SDLC, Threat Modeling
Mexico, Colombia
Sorry, the job is expired

Currently, we're looking for a Remote Lead Security Engineer for Information Services Company.

The customer is a global provider of professional information, software solutions and services for clinicians, accountants, lawyers, tax, finance, audit, risk, compliance and regulatory sectors.

responsibilities
  • Ensuring compliance with Wolters Kluwer and Divisional Application Security Policies and Standards
  • Facilitating adoption and integration of SSDLC best practices
  • Supporting the tracking, planning and remediation of application security findings
  • Consistently improving application security by leading gradual reduction of the security technical debt and remediating known vulnerabilities
  • Providing input and advice on Application Security Exception Requests
  • Tracking security program requirements
  • Maintaining clear and very active lines of communication with advisors and decision makers during a software development project
  • Integrating and maintaining threat modeling and security architecture design review as key elements of SDLC per application
  • Signing off on security sensitive aspects of architecture and implementation
  • Assisting in facilitating the security training program

requirements
  • Experience using and integrating security testing tools (i.e., SAST, DAST, OSS)
  • Hands-on experience in building Secure SDLC is a must
  • Good communication skills (must have)
  • Understanding and ability to explain Secure Development practices
  • Knowledge of security threats and attack scenarios
  • The ability to identify application-specific security threats and the corresponding mitigating security controls via Threat Modelling
  • Comfortable with some form of scripting, e.g., Python, BASH
  • Understanding and practical working experience of DevOps principles, e.g., CI/CD, test automation, shift-left security, cross-functional collaboration, shared responsibility
  • Understanding of Agile and related types of project management (i.e., Scrum, Kanban)
  • Proficient English (written and spoken) B2

benefits for locations

For you

  • Prepaid Medicine with Colsanitas for you and your legal dependents
  • MetLife Life Insurance for you
  • Thousands of projects for top brands
  • Stable income

For your comfortable work

  • 100% remote work forever
  • Free licensed software
  • Possibility to work on your own device (BYOD)
  • Stable workload
  • Relocation opportunities
  • Flexible engagement models

For your growth

  • Free trainings for technical and soft skills
  • Free access to LinkedIn Learning platform
  • Support from a personal Skill Advisor
  • Language courses
  • Free access to internal and external e-Libraries
  • Access to internal communities and competency centers
  • Certification opportunities