Work Arrangement: Hybrid (Flexible)
About Us: We are an innovative company developing an AI-powered Information Technology management platform designed to revolutionize the way businesses manage their IT infrastructure. Our cutting-edge solutions are helping companies optimize performance, reduce costs, and improve decision-making through advanced data analytics.
Position Overview: We are seeking a self-motivated Security Engineer to join our dynamic team. The ideal candidate will have over 4 years of technical experience in system design, project development, and production support of large cloud-native web applications/systems. This role requires expertise in secure software development frameworks, application penetration testing, and working with static/dynamic analysis tools (SAST/DAST).
Key Responsibilities:
- Design, develop, and implement security measures for our AI-powered IT management platform.
- Perform application penetration testing and vulnerability assessments to identify and mitigate security risks.
- Ensure secure software development practices by adhering to industry benchmarks such as OWASP Top 10, SANS Top 25, MS SDL, and CWE 25.
- Utilize static and dynamic analysis tools (e.g., BlackDuck, SonarQube, Seeker, Coverity) to ensure the security and integrity of our software.
- Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle.
- Provide production support and respond to security incidents in a timely manner.
- Stay updated with the latest security trends, technologies, and best practices to continuously improve our security posture.
Requirements:
- 4+ years of overall technical experience in system design, project development, and production support of large cloud-native web applications/systems.
- Extensive experience with secure software development frameworks and adherence to industry benchmarks (OWASP Top 10, SANS Top 25, MS SDL, CWE 25).
- Proven application penetration testing experience.
- Experience working with static and dynamic analysis tools (SAST/DAST) such as BlackDuck, SonarQube, Seeker, Coverity.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team in a fast-paced, dynamic environment.
- Self-motivated, flexible, and adaptive to a busy work environment.
Preferred Qualifications:
- Experience with cloud platforms such as AWS, Azure, or Google Cloud.
- Relevant security certifications (e.g., CISSP, CISM, CEH).
- Knowledge of AI and machine learning security considerations.
- Familiarity with DevSecOps practices and tools.
