There's a Swedish company out there that's looking to make things run faster, longer, cleaner and safer. Meanwhile, they are undertaking a massive internal digital transformation that includes many interconnected physical sites, new systems, and much more.
They are looking for an Application Security Engineer who will:
- Define consistent Secure Software Development Lifecycle practices for all of the company's software projects.
- Ensure end-to-end security of the company's infrastructure by hands-on testing, and hypothesizing threats.
- Improve secure coding practices, application security requirements, automation, training, and metrics
- Integrate threat modelling practices into the Software Development Lifecycle
- Help build secure products and standards around emerging technologies and use existing standards and security practices.
- Manage software security risk aligned with business goals.
- 5+ years overall experience in various positions within InfoSec.
- 2+ years in application security experience.
- Experience in driving and implementing secure development practices into the SDLC.
- Deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities.
- Knowledge of code management systems, CI/CD systems (e.g.: Azure Pipelines, Jenkins), Docker, Kubernetes, microservice architecture, OAuth 2.0, OpenID Connect
- CEH, GIAC, OSCP, GISCP, CISSP, IEC/ISA 62443, ISO 2700x certifications, or similar is a plus.
Let's talk whenever at email@example.com
(No. 2709 from 17.01.2019)