security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
No description
задачи
- Collaborate with other teams to achieve complex objectives;
- Design security architecture from cloud infrastructure to application using "secure by design" principles;
- Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products;
- Proof security implementations within infrastructure and application deployment manifests and CI/CD pipelines;
- Define required policies, controls, and capabilities for the protection of products and environments;
- Build and validate declarative threat models automation;
- Participate in engineering teams’ product planning cycles and committees;
- Oversee product security aspects for migration of products and services from Data Center to public cloud, such as AWS;
- Serve as a trusted cyber security advisor to product and application teams.
требования
- Minimum 3 years of experience as an Application Security Engineer;
- Experience integrating security scanning and tooling into development pipelines;
- Experience in analyzing and securing microservices and applications developed using Javascript and Typescript;
- Experience with CI/CD pipelines such as Gitlab or Jenkins and infrastructure-as-a-code models such as Terraform, Helm, or CloudFormation;
- Hands-on development experience in Python or shell scripting;
- Strong understanding of supply chain security, software integrity, and secure software delivery;
- Experience with docker and mesh technologies such as ISTIO;
- Experience working with Agile methodologies;
- Familiarity with industry regulations, frameworks, and practices like PCI, ISO 27001, NIST;
- Nice to have: Experience with architecture and security reviews, threat modeling and applications risk, knowledge of privacy laws and regulations such as GDPR, in-depth experience with architecting secure services on Kubernetes, extensive experience with architecting secure services on AWS or on-prem data centers, security-related professional certifications like CISSP, CISM, CCSK, CCSP, CEH.
условия
- 24 Vacation days annually;
- 6 Sick days without a medical certificate;
- Premium Health Insurance with coverage up to 5,000 EUR annually;
- Special occasion gifts for birthdays, weddings, and newborns;
- Learning and Development budget for conferences, courses, and certifications;
- Corporate events including international parties and team buildings;
- Relocation package for international candidates;
- Sports package with FitPass membership;
- Company-covered Serbian and English language classes.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.