Empresa:

PRAGMASOFT - a Wirtek company

Descrição da Função

We are seeking a talented and experienced Product Security Engineer to work within the Product Security team for the end-to-end security of our client's software products.

The ideal candidate will have prior experience working closely with software engineering and product teams to achieve product and security business objectives. They support the implementation of secure development practices, threat modelling, architecture, design, vulnerability assessments and security verification, as well as defining the security standards for a variety of products and tools.

Job Responsibilities

• Providing security guidance on new products and technologies within the organization
• Develop solutions to meet security needs efficiently and overcome technical challenges
• Collaborating with engineering teams to perform product security assessments and threat modelling
• Hardening and managing the security of software development pipeline tools (CI/CD)
• Collaborating with development teams to reduce false positives from SAST and DAST scans
• Collaborating with infrastructure teams to harden operating systems and infrastructure.
• Responding to vulnerabilities discovered by detection systems
• Maintaining internal documentation and security standards to align with security best practices
• Designing and implementing tools to automate and scale security processes
• Define access policies and review access requests for approval
• Assess effectiveness of security controls, such as firewalls, authentication methods, etc.
• Providing security support and leadership to the product engineering team
• Oversees the creation of project documentation including qualification plans, issue lists

Qualifications

• 3+ years Product Security Engineer experience required
• Bachelor's Degree in Computer Science, Computer Engineering, or equivalent and relevant experience
• Experience configuring and using static and dynamic application security testing tools
• Scripting abilities with policies as code and simple automation using Python, Bash, or similar tools
• Knowledge of secure software design and development techniques
• Maintains current knowledge of technologies, evaluates and researches technologies to determine best solutions, placement, testing methodologies and implementation
• Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25
• CISSP, CSSLP, AWS Certified Security Specialty, or other security certifications preferred

What we'll hook you up with:

• Your well-being matters: you will get flextime and support for your personal needs
• You get access to a time bank: you can take time off when needed and add time to make up for the "time loan"
• We care about each other, joys and challenges alike. There's always someone you can share a laugh, a problem, or a story with
• Other goodies that support a good life-work balance: private medical insurance, team activities, and more.

Observações

Porto (Portugal)