Security Engineer

Job Description

We are seeking Security Engineers to implement and oversee automated security practices across our organization. This is a critical role that requires collaboration with cross-functional teams to shape the future of security within our company.

A Security Engineer at IFS is responsible for implementing successful strategies, secure patterns, and improvements to engineering methodologies and practices across the product portfolio. The role demands active engagement with peers and team members to disseminate Security best practices and knowledge throughout the IFS community.

Furthermore, a Security Engineer at IFS is required to continuously expand their Architecture, Security, Privacy, and Compliance domain knowledge, including staying abreast of industry trends. Security Engineers will work closely with development teams and architects to ensure the adoption, implementation, and testing of security practices. They will apply their expertise to guarantee secure and successful technical outcomes. In certain instances, individuals in these roles will represent the entire company in key projects.

As a Security Engineer, your core responsibilities will include:

• Implementing security automation practices in collaboration with development and operations teams to integrate security into CI/CD pipelines.
• Designing, implementing, and maintaining secure CI/CD workflows, ensuring rigorous security checks and validations are integrated into the software development lifecycle.
• Conducting comprehensive threat modeling to assess risks and attack surfaces of IFS Products.
• Managing, enhancing, and overseeing the adoption of security platforms and tools to optimize vulnerability detection, response, and mitigation.
• Establishing and leading security guilds to cultivate a culture of security awareness and shared responsibility across the organization.
• Conducting and supervising regular penetration testing activities to identify and address potential vulnerabilities in systems and applications.
• Implementing improvements in vulnerability management and patching processes to ensure timely remediation and risk minimization.
• Identifying and implementing robust Security controls to address IFS Product threats.
• Providing expert guidance on the implementation of Security patterns.
• Advising on best Security practices and ensuring their strict adherence.
• Preparing comprehensive design documentation, reports, and technical presentations.

Qualifications

• Demonstrated extensive experience in security engineering, with particular emphasis on the implementation of automated security solutions.
• Comprehensive understanding and application of DevSecOps principles and practices.
• Substantial hands-on experience with CI/CD tools (e.g., Bitbucket, Jenkins, GitLab, GitHub Actions, or equivalent).
• Advanced proficiency in security platforms, vulnerability management tools, and scripting languages (e.g., Python, Bash).
• Proven track record in conducting rigorous penetration tests and comprehensive security assessments.
• In-depth knowledge of common vulnerabilities (e.g., OWASP Top Ten) and advanced remediation techniques.
• Exceptional communication and collaboration skills, with demonstrated ability to effectively engage and motivate cross-functional teams.
• Extensive familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes).
• Thorough and up-to-date knowledge of Security standards (e.g., NIST, ISO 27001, CIS).
• Significant experience in applying risk assessment methodologies (e.g., ISO 27001).

You have to wait 20 seconds

Generating Apply Link...