The Senior Cloud Application Security Development professional will be part of the Secure Software Development team within Product Security, dedicated to fixing identified application-level vulnerabilities whilst coaching Tribe members in secure development practices. The successful candidate will work in a consultative capacity across multiple tribes, so should be comfortable in dipping in to help solve different problems with different teams, nationalities, and locations. Excellent technical, interpersonal and communications skills are key to this role.
In addition to working with Tribes, the successful candidate should also be comfortable in developing tools and utilities to improve the security of cloud resources whilst not hindering developer productivity.
The role will report into the Senior Manager, Product Security and will be part of a multidisciplinary team of developers with experience in Secure Software Development (SSD) and Attack Surface Management (ASM) to deliver initiatives and guiding principles that will help identify and mitigate vulnerabilities within the products that Sportradar develops. The Senior Cloud Application Security Development professional will also work closely with 3rd parties (e.g. Bug Bounty programme) as well as other teams within the wider Security group (e.g. GRC, SOC, etc.).
responsibilities :
Respond to identified vulnerabilities in our applications and cloud environments without jeopardizing product roadmap.
Evangelize and coach engineers on secure design & development practices through threat modelling and help remediate findings through pair-programming sessions.
Cross pollination of secure development techniques and best practices across engineering tribes.
Collaborate across both SSD and ASM teams in Product Security to ensure unit initiatives are successfully delivered.
Be on-hand to assist colleagues as part of our incident response process should this be required.
requirements-expected :
You get excited by challenges, and have a positive, can-do attitude in working with different teams, locations and technologies to achieve the best outcome.
You are interested in cloud and application security and thrive on having multiple problems to solve, together with a continuous learning mindset.
You enjoy diving in and figuring the crux of a problem quickly and helping provide a pragmatic solution to the team, whilst efficiently communicating the outcome to techies and managers alike.
You are comfortable with mentoring others and taking a lead role for an initiative to help deliver the intended outcomes.
Degree in software development, or other relevant experience.
10+ years of experience as a software developer or DevOps professional.
Ability to manage, prioritize, remediate vulnerabilities like those on the OWASP Top10 list.
Excellent knowledge in at least one of the object-orientated programming languages like Java, .NET, and scripting languages like Python, JavaScript, etc.
Experience with AWS cloud services, especially their security products.
Experience with modern technologies like Kubernetes, Protobuf, gRPC, and GraphQL.
Experience with automated deployments and containerized application management.
Experience with message brokers (e.g. Kafka), and relational databases (e.g. MySQL.
A keen interest in continuous professional learning across software engineering, cloud, and application security domains.
Working in agile development teams in a fast-paced environment.
Excellent inter-personal and communication skills with fluency in English (written & spoken).
Ability to take a lead role in the team, supervising and/or mentoring others.
offered :
The opportunity to work and develop within an inspiring and fast-growing company, with different teams working on different products in different locations.
The possibility to directly contribute to the security of products used by our clients in the global sports business.
Consultative role with multiple teams across different geographies and product lines, where no one problem is the same.
A collaborative environment with colleagues from all over the world (engineering offices across Europe, in Asia and the US).
Competitive salary and benefits (e.g. retirement pension and insurance plan).
