Welcome to Next Engineering - Where Innovation Meets Purpose
Be the NEX T Software Security Architect!
What are we looking for?
Focused on excellence, the security team ensures the company is following security best practices across the organization, minimizing exposure to risk. Part of the key success is to ensure all our teams and services are following the right security policies and continuously improving the standards.
We are looking for a Security Engineer/Architect to be responsible for the design, building, testing, and implementation of security systems within our Organization. To be successful in this role, you should be experienced in information security and IT risk assessment, with a strong understanding of security protocols, authentication, and security. You should also possess strong interpersonal and communication skills and be able to work with a wide variety of people.
How will you make an impact?
Design secure software development and delivery systems with objectives like speed, scalability, robustness, zero-trust, automation, and supportability at the core.
Ensure that the application estate is built, deployed/delivered, and operated securely, according to industry standards, as well as our own.
Provide expert software security advice (design, coding, testing, etc.) to the Software Engineering community, to InfoSec, DevOps, and other colleagues.
Conduct research and regularly consult with colleagues.
Deliver secure software development training (e.g. OWASP Top10).
Co-work with Security Analysts and other colleagues on software vulnerabilities and security issues: determine scope, severity, and potential impact, recommend next steps, follow through with risk treatment and mitigation.
Escalate issues appropriately to various teams and levels of authority inside the organization.
Act as the first Point of Contact (POC) for all application/software security issues, vulnerabilities, events, anomalies, incidents, and investigations.
What is needed to succeed?
Advanced understanding and demonstrable practical experience with the SDLC (Software Development Lifecycle), e.g. in a Developer, SDET, Senior Tester/QA analyst, Application Architect, Product/API designer, or similar role. – minimum 5 years of experience required; coding experience in more than one language from: C/C++/C#, .NET, .NET Core, Java, JavaScript, Node.js, Angular, React, etc.
Good experience working with (understanding, preventing, and remedying) security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency checking, OWASP Top10 testing, application threat modelling, SEI CERT C/J, etc.
Good experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. GitHub, Jenkins, Bamboo, etc).
Good expertise in taking security policy statements and translating them into actual, implementable security controls and techniques that can make our software applications demonstrably more secure and robust.
Good understanding of common information security management standards, frameworks, and laws/regulations: e.g. BSIMM, NIST, ISO 27001, GDPR, etc.
Your NEX T step is right here!
Share your CV with REF NGO
Let's shape the future, together!
#J-18808-Ljbffr