Security Engineer / Wildix (offline)

Skills and qualifications:

3+ years experience in information security;
Experience with at least one industry-standard Security framework (OWASP SAMM v2, BSIMM, MS SDL);
Experience implementing product security practices in a software organization;
Experience with CI/CD and software deployment processes automation tools;
Experience with vulnerability management and identification, including extensive OWASP knowledge;
Upper-Intermediate English (B2+).

A big plus, but not required:

Technical background in QA, DevOps, or Dev;
Hands-on experience with AWS cloud, DevSecOps, and cloud security solutions;
Experience working with Agile methodologies (Kanban, Scrum);
Hands-on experience in different platforms – Linux, Windows;
Familiar security standards and regulation (PCI, GDPR, HIPAA, ISO 27000\1).

Responsibilities:

Work with the security initiative group, development, and operational teams on improving and implementing security practices;
Contribute to the inclusion of security requirements into the product lifecycle management;
Lead penetration testing activities conducted by third-party vendors and internal teams;
Perform hands-on security threat modeling, risk assessment, and vulnerability remediation;
Promote security-focused culture across the organization.

We offer:

Opportunity to work in a young multinational team of professionals;
Paid lunch and vacations;
Flexible full-time work from 10 am to 7 pm with one hour of lunch break (2—3 pm);
English classes;
Professional and management training;
Office in the center with good transport connections.