Senior Software Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Overview
This is more than a job. Its a chance to build grow and make a real impact! Join our team as our new Senior Software Security EngineerThe Software Security Engineer is a member of the Software Security Group (SSG) in the R&D Department a global group that focuses on supporting the delivery of secure products and services in cloud native and on-premises applications that serve numerous industries worldwide.
The Software Security Engineer provides support to 74Software entities in the application of the Secure Software Development Lifecyle (SSDLC) for our products and services. This position will have primary responsibility for driving and continuously improving the SSDLC program which includes performing security reviews vulnerability assessments and guidance on the remediation/mitigation of security findings. This may also include designing and supporting security controls optimizing our use of security testing suites providing training in secure coding and evangelizing security best practices within 74Software.
The Software Security Group utilizes a structured approach for reviewing and validating the security of our software products with a mix of the following tools and processes: threat modeling static source code analysis dynamic analysis attack surface analysis software composition analysis software vulnerability monitoring & management manual penetration testing third party penetration testing management developer training in secure coding practices and development/management of secure frameworks.
- Location:Bucharest Romania
- Hybrid office 2 days per week
Responsibilities
- Understanding of software security threats mitigating controls as well as their applicability to cloud and on-premises environments;
- Ability to learn new products and technical concepts quickly;
- Successfully manage time and technical responsibilities set accurate expectations and meet deliverable deadlines while working in a team environment;
- Strong communication skills and ability to understand challenges and problems facing engineering teams;
- Guide developers on the implementation of our SSDLC program which includes secure coding practices and processes as well as secure architecture and secure software designs (Threat Modeling);
- Support teams in applying security within the CI/CD/CD process (DevSecOps);
- Support customers developers and SSG in technical analysis of tool outputs;
- Support the management control and upgrade of selected SSDLC tool suites.
Qualifications
- Bachelors degree in Computer Science Information Technology or related field/equivalent experience;
- 1-2 years of supporting an SSDLC program or similar secure software activities;
- 4 years relevant information technology or development experience;
- Hands-on experience in some of the following areas: threat modeling dynamic and static analysis attack surface analysis software composition analysis penetration testing vulnerability remediation techniques HTTP XML REST C/C Java Web Servers (Apache/IIS) Scripting languages (JavaScript Python etc.);
- Experience using productivity and communication suite tools to create documents presentations and detailed drawings;
- Experience in using ticketing and content management tools;
- Technical writing documentation and communication skills are required;
Helpful Skills to Support the Responsibilities:
- Experience in Secure Code Analysis;
- Strong technical understanding and aptitude for analytical problem-solving;
- Understanding of CVSS CWE OWASP ASVS and SANS top 25;
- Knowledge of penetration testing methodologies or experience performing software/application penetration testing;
- Working knowledge of Crypto technologies and practices (PKI Crypto libraries TLS/SSL etc.);
- Authentication and Authorization mechanics and protocols;
- Experience with Infrastructure as Code;
- Understanding of the system hardening processes tools guidelines and benchmarks;
- Understanding of enterprise computing environments distributed applications and an understanding of TCP/IP networks;
- Comfortable working on both Linux-based and MS Windows-based system platforms;
- Understanding and experience in IH/IR;
- Secure system configuration and deployment of infrastructure;
Company Overview
74Software affiliated with Axway and SBS together we deliver secure mission-critical software that powers a data-driven world. Independently operated leaders with decades of proves expertise. From secure integration and API solutions to cloud-based banking platforms we help global organizations and financial institutions thrive.
For more than 25 years Axway has helped major brands and government agencies worldwide with trusted solutions in Manager File Transfer (MFT) B2B integration APIs and Financial Accounting Hub products. SBS empowers banks and financial institutions to reimagine the future with a composable cloud-based architecture supporting deposits lending compliance payments consumer finance and asset finance operations across the globe.
Why 74Software
We celebrate diverse perspectives and experiences knowing our people are our greatest strenght. Join us and be part of a team where you can thrive grow and make an impact.
We offer benefits that support your health growth and lifestyle so you can thrive at work and beyond including health coverage retirement plans paid time off flexible work career development competitive pay and global culture perks.
Equal Opportunity Employer
We are committed to providing equal opportunities and ensuring a fair and inclusive recruitment process. We do not discriminate on the basis of age disability gender sexual orientation race religion or any other protected characteristic.
#LI-AS1
Required Experience:
Senior IC
Key Skills
About Company
Unlock your enterprise data to open everything: new digital experiences, new offerings, and new markets.
