Staff Software Engineer - Security
Bucharest, Romania
6 zile în urmă

Staff Software Engineer - Security

at Ivanti Bucharest, Romania

Looking for more than just a job? We like developing our people just as much as we like developing great products.

Our security engineering team is at the core of our products with the mission of providing Secure Access. Our solutions, suites and SaaS platform uniquely integrate cloud, mobile, application and network access to enable hybrid IT.

We are continuously innovating challenging the way we, and the industry, think about Secure Access. Our engineers are working and build products to solve complex problems in the Zero Trust World.

As part of our newly established security software engineering team in Romania you will be at the core of our products with the mission of providing Secure Access.

You'll enjoy substantial recognition in the industry working on a solution that is being used at a large scale (25MM nodes) by most Top 100 Forbes companies.

Position Summary

We are seeking a Software Engineer who has great passion for developing secure solutions and is focused on improving applications, systems and infrastructure security.

You will work with multiple highly skilled development teams around the world to implement and advocate security engineering best practices.

Our main office is in Bucharest but we would love to have you working from anywhere in Romania!

What a day will look like for you :

You will work as part of the Ivanti Security Solutions Group on the Pulse Connect Secure solution in a cross-functional agile global product team, enjoying a high level of autonomy, working in a close collaborative unit to solve security puzzles and challenges.

You will collaborate with our architects and the entire global software engineering teams to design and develop new features to enhance the security of our products.

  • Hands-on design and develop features for enhancing the security of our products
  • Collaborate with architects and fellow software engineers to identify the best solutions for security challenges
  • Pay special attention to the Quality & Security in all stages of development
  • Ensure a high degree of security as well as reliability, availability, performance and scalability
  • Maintain existing code and troubleshoot issues in large scale complex environments
  • Collaborate with other teams in the organization
  • Drive innovations by staying on top of the emerging technologies and trends
  • Play a key role in evolving the product architecture
  • Provide technical leadership and mentorship to other team members
  • Key technical qualifications

  • Must have experience analyzing reports from following tools Coverity, Blackduck, and DAST / SASTand fixing those issues.
  • MUST have experience working with analyzing and fixing security issues as filed by PSIRT (Product Security Incident Response Team)
  • Must have programming experience with C / C++ and preferred Javascript, Perl, Python
  • Must have good understanding of the Operating System concepts, mainly Linux
  • Thorough understanding of the threat and attack landscape, latest security trends, attack vectors, vulnerabilities, and how they are leveraged by malicious actors
  • Strong understanding of certificates and encryption
  • Ability to triage, reproduce, recommend remediations and implement fixes for security vulnerabilities
  • Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Extensive experience in web application security, SSDLC, Threat Modeling
  • Experience implementing, running and maintaining tools and / or processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases (SAST, DAST, PenTesting, Security Unit Testing, etc.)
  • Good Understanding of Networking Protocols (DHCP, TCP / IP, AAA, RADIUS, LDAP, SNMP, 802.1X, IPSec) and experience working in Networking Security products preferably in SSL-VPN / NAC products.
  • If not SSL-VPN / NAC, then at least they should have worked in IPSec based products

  • Expertise in cloud architecture and security fundamentals including containers, software-defined networks, high availability design, multicloud, and serverless compute is a plus
  • Familiarity with technical security controls, guidelines and frameworks outlined by standards such as industry standard cybersecurity frameworks, such as NIST CSF, ISO 27001, CIS Benchmarks, HITRUST is a plus
  • What’s in it for you

  • Collaborative international environment
  • Flexible working hours
  • 25 days of paid leave
  • Fully funded private healthcare
  • Additional 75 EUR per month (for things like utilities / gym membership etc.)
  • Crucial impact on the security of most the Top100 Forbes customers
  • Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.