Project Overview:

Application Security engineers are working with product teams to help deliver secure products. As shift-left evangelists, we want to focus on pre-code activities in product planning and development. This includes reviewing early-stage designs, developing threat models, preparing security requirements, and scaling impact by curating security patterns, guidance, and training. We are looking for people who will help us build end-to-end security in close collaboration with DevSecOps, Architecture, and Engineering chapters and product teams. 

Юлія Дударчук
  • You will be the primary security engineer for software products and act as the point of contact for engineering and security.  
  • Preparation of security requirements based on company policies and security standards (e.g. OWASP ASVS).  
  • Design, build and review security-related services and functions of web applications and mobile services.  
  • Conduct product security threat and risk assessments for software products regularly (OWASP Threat Dragon or similar tool).  
  • Classify data and applications based on business risk. Establish a simple classification system to represent risk-tiers for applications.  
  • Collaboration with product & development managers on the assessment and prioritization of security-related tasks in the development backlog.  
  • Improvement of the adoption of security best practices in testing, automation, and continuous integration pipelines. 
  • 3+ years of related technical experience in Product Security Architecture or Engineering.  
  • 3+ years of experience in Cloud Platforms: Azure(preferred)/AWS.  
  • 3+ years of demonstrated experience in the Secure SDLC approach. Ability to describe goals, steps, approaches, etc. Possess the ability to lead the implementation of security controls in the development team.  
  • Experience in implementing and verifying OWASP ASVS.  
  • Experience in conducting threat assessments, building threat models, and creating remediation plans/requirements based on the results of threat assessments.  
  • Experience in risk management, its purpose, and approaches.  
  • Solid knowledge of OWASP Top 10 and understanding of OWASP testing guide.  
  • Ability to develop and conduct security pieces of training and workshops (e.g., General security training, threat modelling).  
  • Proficiency in communicating over a text-based medium (MS Teams, Jira/Confluence, Email) and ability to concisely document technical details.  
  • Excellent interpersonal and verbal communication skills.  
Higher Education:
  • Specialist / Professional Certified.




Тебе також можуть зацікавити

Чому варто приєднатись до команди INTELLIAS

У нас ти знайдеш доброзичливе середовище та можливості навчатися й зростати щодня.

Можливості релокації в INTELLIAS

Отримуй новий досвід та відкривай нові горизонти, знаходячись лише в декількох годинах подорожі…

Підтримка здоров’я та спорту

Ми докладаємо максимум зусиль, щоб забезпечити комфортні умови для консультантів компанії, та піклуємося…

Як стати частиною команди INTELLIAS

Ми робимо все можливе, щоб спростити та прискорити твій шлях до нашої команди. Будемо раді бачити тебе...
Dropzone.autoDiscover = false;