Senior Software Engineer - Security
at Ivanti Bucharest, Romania
Join our Team
By joining our newly established security software engineering team in Romania you will be at the core of our products with the mission of providing Secure Access.
You'll enjoy substantial recognition in the industry working on a solution that is being used at a large scale (25MM nodes) by most Top 100 Forbes companies.
Our solutions, suites and SaaS platform uniquely integrate cloud, mobile, application and network access to enable hybrid IT.
We are continuously innovating challenging the way we, and the industry, think about Secure Access. Our engineers are working and building products to solve complex problems in the Zero Trust World.
What a day will look like for you :
You will work as part of the Ivanti Security Solutions Group on the Pulse Connect Secure solution in a cross-functional agile global product team, enjoying a high level of autonomy, working in a close collaborative unit to solve security puzzles and challenges.
You will collaborate with our architects and the entire global software engineering teams to design and develop new features to enhance the security of our products.
Hands-on design and develop features for enhancing the security of our products
Collaborate with architects and fellow software engineers to identify the best solutions for security challenges
Pay special attention to Quality & Security in all stages of development
Ensure a high degree of security as well as reliability, availability, performance and scalability
Maintain existing code and troubleshoot issues in large scale complex environments
Collaborate with other teams in the organization
Drive innovations by staying on top of the emerging technologies and trends
Play a key role in evolving the product architecture
Provide technical leadership and mentorship to other team members
Our main office is in Bucharest but we would love to have you working from anywhere in Romania!
Key technical qualifications
Thorough understanding of the threat and attack landscape, latest security trends, attack vectors, vulnerabilities, and how they are leveraged by malicious actors
Strong understanding of certificates and encryption
Ability to triage, reproduce, recommend remediations and implement fixes for security vulnerabilities
Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
Extensive experience in web application security, SSDLC, Threat Modeling
MUST have experience analyzing reports from following tools Coverity, Blackduck, and DAST / SASTand fixing those issues.
MUST have experience working with analyzing issues filed by PSIRT teams and fixing those issues
MUST have good understanding of the Operating System concepts, mainly Linux
Experience implementing, running and maintaining tools and / or processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases (SAST, DAST, PenTesting, Security Unit Testing, etc.)
Good Understanding of Networking Protocols (DHCP, TCP / IP, AAA, RADIUS, LDAP, SNMP, 802.1X, IPSec) and experience working in Networking Security products preferably in SSL-VPN / NAC products.
If not SSL-VPN / NAC, then at least they should have worked in IPSec based products.
Experience working in an AGILE environment and working with a geographically distributed team
Expertise in cloud architecture and security fundamentals including containers, software-defined networks, high availability design, multicloud, and serverless compute is a PLUS
Familiarity with technical security controls, guidelines and frameworks outlined by standards such as industry standard cybersecurity frameworks, such as NIST CSF, ISO 27001, CIS Benchmarks, HITRUST is a PLUS
What’s in it for you
A collaborative environment driven by excellence, respect and support
Market competitive salary
25 days of holiday
Private healthcare, flexible budget and others