Kelly IT is currently recruiting a Senior Security Engineer for our international client with a brand new Tech Hub in Lisbon.
* Identify potential threats by performing threat modeling, architectural design review, source code review, dynamic application security tests (pentest) for the web, mobile and infrastructure
* Coordinate external security assessments and remediations
* Participate in the product features development with cybersecurity risk assessment
* Analyse the current trends/risks; provide guidance for security policies and standards
* Coach security champions, including but not limited to defining training path, automation tools configuration, reviewing automated static code analysis results
* Participating in design and requirement reviews and providing design solutions that allow the application to maintain security without losing functionality. Incorporate design solution in Development, DevOps and Architectural best practices.
* Conducting application-level penetration testing and independent reviews of source code repositories.
* Reviewing and improving security architecture of our Products.
* Performing security assessments of the Group applications on a recurrent basis to ensure security requirements are being met. Providing security sign-off of applications being moved to live environments.
* Conducting source and dynamic application security reviews in relevant languages (Java, C/C++, Perl, Python, PHP, .NET…).
* Defining security test cases during test automation and developing new tools to improve the security of the group gaming application
* Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
* Experienced in relevant development languages (Java, C/C++, Perl, Python, PHP, .NET)
* Good understanding of HTTP protocols, security controls, API design and security testing
* University degree (Computer Sciences, Information Systems, Engineering, Business Administration or equivalent)
* Relevant experience in a similar role
* Understand key processes in cloud technology
* Experience working in an iterative approach to innovation.
* Fluency in written and spoken English.
* Identity and Authentication standards such as FIDO and OAuth
* Understanding of cryptography
* Penetration testing consultancy
* Source code reviews
* Vulnerability management and identification, including extensive OWASP knowledge
* Application security assessments (source code and dynamic)
* Vulnerability research
* Security tool development
* Experience with static source-code analyzers
* Experience with dynamic application security testing tools
* Experience with Web-Application Firewalls (WAF)
* Software and protocol reverse engineering
If you match this profile, please submit your English CV.
A Kelly Services atua na qualidade de Agência de Emprego, em relação à presente oferta. Informamos que se optar por se candidatar, as suas informações serão tratadas de acordo com a Declaração de Privacidade da Kelly Services.
Kelly Services acts as an Employment Agency in relation to this offer. Please be advised that if you choose to apply, your information will be treated in accordance with the Kelly Services Privacy Statement.