Senior Security Engineer / Test Engineer (offline)
Description:
We are looking for an experienced Senior AppSec Engineer with both technical and interpersonal skills for our security engineering efforts to contribute to improving the security posture of our infrastructure and applications.
Client β the worldwide manufacturer of smart beds, which increase the overall quality of sleep. The solution senses and automatically adjusts the comfort level:
- Tracking personal sleep data during the night
- Individual comfort and temperature balancing
- Comfort adjustability on each side of the bed
The project is related to developing cutting-edge IoT technology.
Requirements:
β’ BS or MS in Computer Science or equivalent technical degree
β’ Minimum of 5 years of relevant experience
β’ Strong background in application security development, network security, and automation
β’ Familiar with source code control tools
β’ Strong background in various forms of application security testing i.e., SAST, DAST, and IAST
β’ Excellent understanding of malicious exploits i.e., XSS, CSRF, SQL Injection, Code Injection, etc.
β’ Excellent understanding of AAA (Authentication, Authorization, Auditing)
β’ Good understanding of known authentication protocols: LDAP, SASL, OAuth, OIDC, Mutual TLS
β’ Good understanding of known authorization models: ACL, RBAC, ABAC, CBAC, MAC, DAC
β’ Familiar with SAML, SSO (Single Sign-On), MFA (Multi-Factor Authentication)
β’ Excellent understanding of PKI (Public Key Infrastructure) and its components: CA, RA, VA, TSA.
β’ Excellent understanding of TLS/SSL
β’ Good understanding of cryptography concepts such as digital signature, data integrity, message authentication, confidentiality, non-repudiation
β’ Excellent understanding of encryption at rest and in-transit
β’ Good understanding of symmetric and asymmetric cryptography
β’ Upper-intermediate English
Additional Qualifications:
β’ Familiar with Runtime Application Self-Protection (RASP)
β’ Cross-platform/multi-language development experience
β’ CISSP/HCISSP certification or equivalent experience
β’ Knowledge and experience in security of large-scale cloud-based applications and environment
Description:
As a Senior AppSec Engineer, you will be working side-by-side at the code and architecture level with each of our engineering teams to ensure security throughout our operations and technical systems, from infrastructure to the applications. Your primary focus will be application security testing including SAST, DAST, and IAST. You will work with various engineering teams including Mobile, Web, Embedded, QA, Cloud, and Data Platform to improve the security quality of their code.
Responsibilities:
β’ Integrate application security tastings SAST/DAST/IAST into the DevSecOps pipeline
β’ Schedule, scope, and prioritize security assessments of applications
β’ Provide education and guidance about SAST/DAST/IAST tools and process best practices
β’ Perform on-going security testing and code review to improve software security
β’ Mentor other team members in security coding methods and best practices
β’ Continually improve DevSecOps infrastructure, tools, processes, and procedures
β’ Maintain security technical documentation
What We Offer
Exciting Projects: Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to participate in creating market-defining products using the latest technologies.
Collaborative Environment: Expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment β or even abroad in one of our global centers or client facilities!
Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible opportunities and options.
Professional Development: Our dedicated Learning & Development team regularly organizes certification and technical / soft skill training to help you realize your professional goals.
Excellent Benefits: We provide our consultants with competitive compensation and benefits
Fun Perks: We want you to love where you work, which is why we host sports classes, cultural, social and team building activities such as sports competitions and end-of-year corporate parties. Our vibrant offices also include dedicated GL Zones and rooftop decks where you can drink coffee or tea with your colleagues over a game of table football or darts!
We are looking for an experienced Senior AppSec Engineer with both technical and interpersonal skills for our security engineering efforts to contribute to improving the security posture of our infrastructure and applications.
Client β the worldwide manufacturer of smart beds, which increase the overall quality of sleep. The solution senses and automatically adjusts the comfort level:
- Tracking personal sleep data during the night
- Individual comfort and temperature balancing
- Comfort adjustability on each side of the bed
The project is related to developing cutting-edge IoT technology.
Requirements:
β’ BS or MS in Computer Science or equivalent technical degree
β’ Minimum of 5 years of relevant experience
β’ Strong background in application security development, network security, and automation
β’ Familiar with source code control tools
β’ Strong background in various forms of application security testing i.e., SAST, DAST, and IAST
β’ Excellent understanding of malicious exploits i.e., XSS, CSRF, SQL Injection, Code Injection, etc.
β’ Excellent understanding of AAA (Authentication, Authorization, Auditing)
β’ Good understanding of known authentication protocols: LDAP, SASL, OAuth, OIDC, Mutual TLS
β’ Good understanding of known authorization models: ACL, RBAC, ABAC, CBAC, MAC, DAC
β’ Familiar with SAML, SSO (Single Sign-On), MFA (Multi-Factor Authentication)
β’ Excellent understanding of PKI (Public Key Infrastructure) and its components: CA, RA, VA, TSA.
β’ Excellent understanding of TLS/SSL
β’ Good understanding of cryptography concepts such as digital signature, data integrity, message authentication, confidentiality, non-repudiation
β’ Excellent understanding of encryption at rest and in-transit
β’ Good understanding of symmetric and asymmetric cryptography
β’ Upper-intermediate English
Additional Qualifications:
β’ Familiar with Runtime Application Self-Protection (RASP)
β’ Cross-platform/multi-language development experience
β’ CISSP/HCISSP certification or equivalent experience
β’ Knowledge and experience in security of large-scale cloud-based applications and environment
Description:
As a Senior AppSec Engineer, you will be working side-by-side at the code and architecture level with each of our engineering teams to ensure security throughout our operations and technical systems, from infrastructure to the applications. Your primary focus will be application security testing including SAST, DAST, and IAST. You will work with various engineering teams including Mobile, Web, Embedded, QA, Cloud, and Data Platform to improve the security quality of their code.
Responsibilities:
β’ Integrate application security tastings SAST/DAST/IAST into the DevSecOps pipeline
β’ Schedule, scope, and prioritize security assessments of applications
β’ Provide education and guidance about SAST/DAST/IAST tools and process best practices
β’ Perform on-going security testing and code review to improve software security
β’ Mentor other team members in security coding methods and best practices
β’ Continually improve DevSecOps infrastructure, tools, processes, and procedures
β’ Maintain security technical documentation
What We Offer
Exciting Projects: Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to participate in creating market-defining products using the latest technologies.
Collaborative Environment: Expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment β or even abroad in one of our global centers or client facilities!
Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible opportunities and options.
Professional Development: Our dedicated Learning & Development team regularly organizes certification and technical / soft skill training to help you realize your professional goals.
Excellent Benefits: We provide our consultants with competitive compensation and benefits
Fun Perks: We want you to love where you work, which is why we host sports classes, cultural, social and team building activities such as sports competitions and end-of-year corporate parties. Our vibrant offices also include dedicated GL Zones and rooftop decks where you can drink coffee or tea with your colleagues over a game of table football or darts!
The job ad is no longer active
Job unpublished on
6 June 2021
Look at the current jobs Java Kyiv→
$4500-7000
Average salary range of similar jobs in
analytics β
Similar jobs
Senior Java Developer at Gransoft solutions
Relocate, Poland, Ukraine
Strong Regular or Senior Java Developer at Luxoft
Ukraine
All jobs Java Kyiv All jobs GlobalLogic