OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
We are looking for a Software Security Engineer to join us.
The role will be part of the Security Architecture and Engineering (SAE) team, part of the InfoSec organization. The SAE team creates the security roadmap and strategic view for Verisure Group, and defines and standardizes the security controls, tools and their configurations, alongside the security architectures and designs that developers and engineers must follow. The SAE team is also responsible for defining, maintaining and delivering the security assurance framework, ensuring that our hardware and software products and IT solutions are securely designed, built and deployed. The team mission is highly relevant, as it covers both the thinking and the hands-on needed to create large-scale and long-term impact.
Reporting to the Group Head of Security Architecture & Engineering, this position is responsible for improving the software security posture of Verisure software globally. In particular, the Software Security Engineer will define secure development standards and automate security tools and controls in the software development pipeline.
The Software Security Engineer will also be responsible to help the development teams to understand and solve security issues identified.
As a member of the Group InfoSec team, the Software Security Engineer will also cultivate a culture of security awareness and incorporate security mindset in developer’s daily work.
The role can be based in Malmo – Sweden (preferably) or Madrid – Spain and works across country borders. Some travel between Madrid and Malmo locations is expected from time to time, although the SAE team is already spread across Spain, Sweden and the UK and works predominantly as a virtual team.
Responsibilities include:
* Work with Infosec teams and development to achieve alignment between information security and business objectives.
* Develop and communicate software security guidelines, standards and procedures of mandatory applicability by all Verisure developers, engineers and third-party providers.
* Educate SW developers in secure development best practice.
* Establish tooling (SAST, SCA, IAST/DAST, etc.) for the purpose of evaluating security standards and security controls within CI/CD.
* Support developers to mitigate identified security weakness.
* Risk assessment: identity risks and help stakeholders to understand the implications towards making an informed decision.
What you bring
To be successful in this role, you will need to be a strong technical security professional with a passion for problem-solving alongside a demonstrable track record working in multicultural and global organisations under agile practices. Along with this, you will need to have significant personal drive and an analytical mindset; with the ability to anticipate risks and creatively resolve bottlenecks proactively.
Qualifications:
* 6+ years of experience in IT / Cybersecurity, of which 5+ years within SW security.
* Experience with Secure SW development, SAST, SCA and IAST/DAST tools as well as CI/CD.
* Previous experience in SW development (preferable Java, C and Python) and SW testing.
* Expert knowledge of SW security best practice and frameworks (OWASP).
* Experience of working package management tools like Maven, Gradle and NPM.
* Ideally experience working with IoT products and ecosystems.
* Ideally Experience of working with cloud solutions.
* Fluent in English, both written and verbal.
Everything we do is driven by our DNA. Our DNA has enabled us to grow at a double-digit pace for many years and is setting us up to continue this journey.
* Passionate in Everything We Do: Our people have a sense of energy that is unmistakable, one that drives us to delight our customers and focus on creating impact quickly.
* Committed to Making a Difference: When we say we will do something; we deliver with excellence. We are accountable, focused and operate with discipline.
* Always Innovating: We believe that Innovation can be big or small; it’s a continuous state of mind that inspires us to think differently and always make things better. We are risk takers and we learn continuously.
* Winning as a Team: Our people know that by leveraging one another’s strengths, investing in and developing our team’s capability and by collaborating well, we will win.
* With Trust & Responsibility: Operating with integrity is core to our success. We are humble, honest and value deep mastery and expertise. We do the right thing, always.
At Verisure we want you to have flexibility, that’s why we are implementing a hybrid way of working, so you have the opportunity to work remotely. We offer great opportunities to personal development with an environment characterized by humbleness and knowledge sharing and to enhance the on the job training we have a training budget to ensure personal growth.