This job has expired

Senior Cloud Product Security Engineer

Closing date
23 Feb 2021

View more

Technology & New Media
Contract Type
You need to sign in or create an account to save a job.

Job Details

Senior Cloud Product Security Engineer (can be remote based in the UK or in Denmark)

We are actively seeking a Cloud Product Security Engineer to administer and maintain our Product Security tools and resources. Security is a core value at our company and safeguarding sensitive customer information is critical to our continued success. This position is responsible for providing protection that embeds security into every aspect of the CI/CD and application development process, integrates automated application security testing, and maintains an ongoing security training and certification process for staff members.

Key responsibilities include:

  • Close interaction with Deltek project managers and product managers to implement goals of the enterprise secure software development program
  • Design security features and security solutions for a wide range of Deltek applications and services
  • Collaborating with business unit managers to conduct application security risk assessments
  • Managing penetration tests and security reviews for core applications and APIs
  • Managing and refining manual and automated application security testing processes leveraging SAST and DAST and vulnerability management tools
  • Developing custom tools to test, monitor and enforce security across our applications
  • Researching security vulnerability disclosures and designing appropriate mitigations
  • Working with other Cloud and Engineering teams to identify server side vulnerabilities to facilitate patch management
  • Work within Agile Dev, DevOps Teams to create application specific security user stories
  • Developing and documenting cloud application security processes
  • Developing and managing application framework and library roadmaps
  • Coordination with Cloud Teams on DB and application hardening, standardization of server and container images

To be successful in this role, we'd love you to have the following:

  • Experience in coding applications and secure coding practices or application security engineering (Secure SDLC and DevSecOps)
  • Excellent ability to build relationships with developers, business managers and cloud engineers
  • Passionate about security and protecting data and services provided to our community
  • Knowledge of all aspects of secure development lifecycle, threat modelling, and web application security assessments
  • Knowledge and experience with both automated tools and manual techniques used to identify web application and web service vulnerabilities and attack methods including the OWASP top 10.
  • Strong multi-tasking abilities with attention to detail and the ability to dive deeply into issues
  • Bachelor's degree preferred but not required.
  • Have excellent verbal and written communication skills and strong command of the English language
  • Be capable of carrying out complex tasks and projects to completion, with minimal supervision
  • Be capable of interpreting project and task requirements and selecting appropriate methodologies to fulfil them
  • Experience with vulnerability scanning, penetration testing and risk assessments
  • Flexibility and interpersonal skills coupled with IT security background strongly preferred
  • Experience with compliance standards or governing controls is a plus

**Direct applications only, no agency CVs will be considered**
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert