senior security engineer for an information services company
Currently, we're looking for a remote Senior Security Engineer to join our team.
The customer is a global provider of professional information, software solutions, and services for clinicians, accountants, lawyers, and tax, finance, audit, risk, compliance, and regulatory sectors.
- Ensure compliance with Wolters Kluwer and Divisional Application Security Policies and Standards
- Facilitate adoption and integration of SSDLC best practices
- Support the tracking, planning, and remediation of application security findings
- Consistently improve application security by leading gradual reduction of the security technical debt, remediate known vulnerabilities
- Provide input and advice on Application Security Exception Requests
- Responsible for tracking of security program requirements
- Responsible for maintaining clear and very active lines of communication with advisors and decision makers during a software development project
- Integrate and maintain threat modeling and security architecture design review as key elements of SDLC per application
- Sign off on security sensitive aspects of architecture and implementation
- Assist in facilitating the security training program
- 3+ years of experience in Security Engineering
- Hands-on experience in building Secure SDLC is a must
- Good communication skills (must have)
- Understanding and ability to explain Secure Development practices
- Knowledge of security threats and attack scenarios
- The ability to identify application-specific security threats and to correspond mitigating security controls via Threat Modelling
- Comfortable with some form of scripting i.e., Python, BASH
- Experience using and integrating security testing tools (i.e., SAST, DAST, OSS)
- Understanding of Agile and related types of project mgmt (i.e., Scrum, Kanban)
- English B2 level
looking for something else?
Find a vacancy that works for you. Send us your CV to receive a personalized offer.