We are looking for an experienced Senior Security Engineer with both strong technical and interpersonal skills for our security engineering efforts to contribute to improving the security posture of our infrastructure and applications.
Client – the worldwide manufacturer of smart beds, which increase the overall quality of sleep. The solution senses and automatically adjusts the comfort level:
- Tracking personal sleep data during the night
- Individual comfort and temperature balancing
- Comfort adjustability on each side of the bed
The project is related to developing cutting-edge IoT technology.
• BS or MS in Computer Science or equivalent technical degree
• Minimum of 5 years of relevant experience
• Strong background in application security development, network security, and automation
• Familiar with code versioning tools
• Strong background in Secret as a Service with HashiCorp Vault
• Excellent understanding of AAA (Authentication, Authorization, Auditing)
• Good understanding of known authentication protocols: LDAP, SASL, OAuth, OIDC, Mutual TLS
• Good understanding of known authorization models: ACL, RBAC, ABAC, CBAC, MAC, DAC
• Familiar with SAML, SSO (Single Sign-On), MFA (Multi-Factor Authentication)
• Excellent understanding of PKI (Public Key Infrastructure) and its components: CA, RA, VA, TSA.
• Excellent understanding of TLS/SSL
• Good understanding of cryptography concepts such as digital signature, data integrity, message
authentication, confidentiality, non-repudiation
• Excellent understanding of encryption at rest and in-transit
• Good understanding of symmetric and asymmetric cryptography
• Upper-intermediate English
• Cross-platform/multi-language development experience
• Familiar with compilers and code generation tools
• CISSP/HCISSP certification or equivalent experience
• Knowledge and experience in security of large-scale cloud-based applications and environments
As a Senior Security Engineer, you will be working side-by-side at the code and architecture level with each of our engineering teams to ensure security throughout our operations and technical systems, from infrastructure to the applications. Your primary focus will be on the life-cycle management of secrets. You will work with various engineering teams including Mobile, Web, Embedded, QA, Cloud, and Data Platform to improve the life cycle management of their secrets.
• Deploy, configure, and maintain the Secrets Service infrastructure.
• Guide engineering teams to securely store and retrieve their secrets through automation i.e., API keys, certificates, SSH keys, passwords, encryption keys
• Own the life cycle management of secrets across the infrastructure, applications, and teams
• Perform on-going security testing and code review to improve software security
• Mentor other team members in methods and best practices
• Continually improve DevSecOps infrastructure, tools, processes, and procedures
• Maintain security technical documentation.
GlobalLogic is a full-lifecycle product development services leader that combines chip-to-cloud software engineering expertise and vertical industry experience to help our customers design, build, and deliver their next-generation products and digital experiences. By leveraging Agile / Lean MVP methods, cutting-edge technologies, and an integrated approach to experience design and complex engineering, we empower global brands such as Microsoft, BMC, Coca Cola, Samsung, Physio Control, and Roku to develop the “next big thing” in their markets. GlobalLogic is headquartered in Silicon Valley and operates design and engineering centers around the world, where we are continuously recognized as a top innovator and employer by organizations like Zinnov and Glassdoor.
DOU company page:
This job is no longer active.