security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
EPAM provides digital platform engineering and software development services, offering enterprise software products, open source solutions, and accelerators.
задачи
- Drive the creation of a crypto inventory using IBM QSE and agentic validation;
- Review findings and issues related to FIPS 140-3 compliance;
- Define, coordinate and track mitigation plans with engineering teams;
- Facilitate threat modeling workshops for cloud applications;
- Produce clear and actionable threat modeling reports;
- Contribute to broader Secure Development and Operations Lifecycle (SDOL) activities;
- Deliver a complete crypto inventory including FIPS 140-3 compliance reports;
- Track progress on cryptographic mitigation plans in collaboration with engineering teams;
- Prepare handover documentation and support knowledge transfer to the Security Team.
требования
- 3+ Years of hands-on experience in software security with end-to-end implementation of security initiatives;
- Expertise in FIPS 140-3 compliance and cryptographic inventory management;
- Capability to work independently and take ownership of security initiatives with minimal supervision;
- Skills in driving topics to completion within complex security projects;
- Proficiency in documentation, communication and stakeholder management;
- Background in facilitating threat modeling workshops and producing security reports;
- Upper-Intermediate English language proficiency (B2+);
- Nice to have: Familiarity with IBM QSE, background in cryptography, capability to apply agentic AI in hands-on projects, proficiency in using Jira for task and project tracking, understanding of security requirements in highly regulated environments such as FedRAMP.
условия
- Relocation support is available.
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.