Informacje o stanowisku

• Bachelors degree in software engineering or related field, or equivalent practical experience.
• Minimum of 5 years working as a software developer or DevOps specialist.
• Proficiency in English communication (CEFR Level C1).
• Ability to identify and address vulnerabilities listed in OWASP Top10.
• Knowledge of object-oriented programming languages such as Java or .NET.
• Experience with AWS and Azure cloud platforms, particularly their security features.
• Familiarity with modern technologies like Docker and Kubernetes.
• Expertise in automated deployment and management of containerized applications.
• Proven track record in establishing operational awareness through monitoring and alerting solutions.
• Proficiency with Infrastructure as Code (IaC) and Configuration Management tools like Terraform, Ansible, Puppet, or Chef.
• Deep understanding of CI/CD pipelines, with at least 2 years of experience.
• Strong scripting abilities.
• Excellent grasp of version control systems and application lifecycle management using Git/GitHub.
• Commitment to continuous professional development in software engineering, cloud computing, and application security.
• Experience working in agile development teams within dynamic environments.
• Outstanding interpersonal and communication skills in English, both written and spoken.
• Previous experience supervising or mentoring teams in adopting DevSecOps practices.
• Familiarity with cloud-native development and various public and hybrid cloud services.
• Hands-on experience with DevSecOps tooling such as CNAPP, SAST, SCA, and DAST.
• Ability to manage large-scale and fault-tolerant distributed systems in production.
• Knowledge of IT security frameworks and standards including ISO2700x, CIS Benchmarks, NIST, OWASP SAMM, and OWASP ASVS.
• Broad understanding of various technologies, programming languages, and application frameworks to identify risks and vulnerabilities.
• Experience conducting Application Security reviews, Program Assessments, Maturity Scoring, Vulnerability Assessments, and SDLC process improvements.
• Familiarity with ecosystems such as SAP, Salesforce, ServiceNow, PLM solutions, CRM, and Data Management/BI.

,[ Serve as subject matter expert (SME) in DevSecOps initiatives., Provide support for static, dynamic, and security awareness services., Lead the development, maintenance, and enhancement of detection controls,, security reviews, remediation activities, and engagements with business units., Conduct S-SDLC training and offer guidance on security-related issues., Drive the adoption of embedded application security controls within the Software, Development Life Cycle (SDLC)., Advise on identified vulnerabilities in applications and cloud environments while, maintaining alignment with the product roadmap., Evangelize and coach engineers on secure design and development practices, through threat modeling and remediation efforts., Facilitate knowledge sharing of secure development techniques and best practices, across engineering teams., Collaborate with technology and business units to ensure successful delivery of, cybersecurity initiatives., Provide assistance as part of incident response (Security Operations) processes, when needed. Requirements: Security, Degree, DevOps, OWASP, Object-oriented programming, Java, AWS, Azure, Docker, Kubernetes, Infrastructure as Code, Terraform, Ansible, Puppet, Progress Chef, CI, CD pipelines, Application lifecycle management, Git, GitHub, Communication skills, SAST, DAST, CIS, NIST, SDLC, SAP, Salesforce, PLM, CRM, Data management

Praca Warszawa

Chief security officer Warszawa

Warszawa - Oferty pracy w okolicznych lokalizacjach