Lyreco is looking for an experienced Application Security Engineer to join our cybersecurity team. You will be responsible for integrating security practices into CI/CD pipelines and ensuring code security at every stage of development. You will collaborate with DevOps and development teams to strengthen the security posture of Lyreco's digital landscape.
Responsibilities:
Secure the development cycle (SDLC): Integrate SAST/DAST tools and automate security within CI/CD pipelines.
Code review: Analyze source code to identify and fix vulnerabilities.
Implement security controls: Ensure relevant security controls (like authentication, access control, data encryption, etc.) are implemented in Lyreco applications.
Support developers: Promote secure coding best practices (Advisories, CTF, bug bounty programs, etc.).
Compliance and security assessment: Ensure application security compliance with industry standards (ISO 2700X, OWASP, etc.), best practices, and Lyreco internal guidelines; participate in security assessments and penetration tests; and support resolving issues after risk assessment.
Vulnerability management: Assess, fix, and monitor application security risks.
Configure security tools: Select, implement, manage and continuously develop security solutions such as WAF, SIEM, etc.
Continuous monitoring and alerting: Monitor application threat landscape and propose relevant countermeasures.
Required Skills:
CI/CD and application security tools: Jenkins, GitLab CI, GitHub Actions, SAST (SonarQube, Checkmarx), DAST (OWASP ZAP, Burp Suite), IAST, RASP, WAF, securing APIs and microservices.
Secure coding: Mastery of secure coding practices (OWASP, CWE/SANS) and web frameworks (JS, SOAP, JSON, etc.), code review (SonarQube, Checkmarx, Fortify), secrets management (HashiCorp Vault, Azure Key Vault), and certificate management.
Cloud Security: Experience with cloud security such as Azure, GCP, AWS.
Container Security: Experience with Docker, Kubernetes, and container scanning tools (Trivy, Clair).
Automation: Scripting (Python, Bash) and infrastructure-as-code (Terraform, Ansible).
Vulnerability management: Deep understanding of application-related vulnerabilities (XSS, CSRF, LFI, etc.) and remediation methods, familiarity with CVSS.
Collaboration: Ability to work closely with DevOps and development teams and communicate effectively.
Certifications: OSCP, OSE, OSWE, GIAC Advanced, CSSLP, CEH, AWS Certified Security are a plus.
If the above job description interests you and you think you are a good fit, apply now! (CV in English) We look forward to receiving your application.