Principal Software Security Engineer

Axway Vezi toate joburile

  • București
  • Permanent
  • Full-time
  • Acum 1 lună
Overview:We are seeking our new Principal Software Security Engineer to join the 74Software team! The Software Security Engineer is a member of the Software Security Group (SSG) in the R&D Department, a global group that focuses on supporting the delivery of secure products and services in cloud native and on-premises applications that serve numerous industries worldwide.The Software Security Engineer provides support to 74Software entities in the application of the Secure Software Development Lifecyle (SSDLC) for our products and services. This position will have primary responsibility for driving and continuously improving the SSDLC program, which includes performing security reviews, vulnerability assessments and guidance on the remediation/mitigation of security findings. This may also include designing and supporting security controls, optimizing our use of security testing suites, providing training in secure coding, and evangelizing security best practices within 74Software.The Software Security Group utilizes a structured approach for reviewing and validating the security of our software products with a mix of the following tools and processes: threat modeling, static source code analysis, dynamic analysis, attack surface analysis, software composition analysis, software vulnerability monitoring & management, manual penetration testing, third party penetration testing management, developer training in secure coding practices, and development/management of secure frameworks. Responsibilities:
  • Understanding of software security threats, mitigating controls, as well as their applicability to cloud and on-premises environments;
  • Ability to learn new products and technical concepts quickly;
  • Successfully manage time and technical responsibilities, set accurate expectations, and meet deliverable deadlines while working in a team environment;
  • Strong communication skills and ability to understand challenges and problems facing engineering teams;
  • Implement Secure by Design principles;
  • Solve complex systemic security problems;
  • Comfortable with speaking engagements (internal or external);
  • Guide developers on the implementation of our SSDLC program which includes secure coding practices and processes, as well as secure architecture and secure software designs (Threat Modeling);
  • Support teams in applying security within the CI/CD/CD process (DevSecOps);
  • Support customers, developers and SSG in technical analysis of tool outputs;
  • Support the management, control and upgrade of selected SSDLC tool suites;
Qualifications:
  • Bachelor’s degree in Computer Science, Information Technology or related field/equivalent experience;
  • 3-4 years of supporting an SSDLC program or similar secure software activities;
  • 6+ years relevant information technology or development experience;
  • Hands-on experience in some of the following areas: threat modeling, dynamic and static analysis, attack surface analysis, software composition analysis, penetration testing, vulnerability remediation techniques, HTTP, XML, REST, C/C++, Java, Web Servers (Apache/IIS), Scripting languages (JavaScript, Python, node.js, etc.);
  • Experience using productivity and communication suite tools to create documents, presentations, and detailed drawings;
  • Experience in AI/LLM/Agentic architectures;
  • Experience testing and remediating AI/LLM/Agentic security vulnerabilities;
  • Experience in using ticketing and content management tools;
  • Technical writing, documentation, and communication skills are required;
Helpful Skills to Support the Responsibilities :
  • Experience in Secure Code Analysis;
  • Strong technical understanding and aptitude for analytical problem-solving;
  • Understanding of CVSS, CWE, OWASP, ASVS and SANS top 25;
  • Knowledge of penetration testing methodologies or experience performing software/application penetration testing;
  • Working knowledge of Crypto technologies and practices (PKI, Crypto libraries, TLS/SSL etc.);
  • Authentication and Authorization mechanics and protocols;
  • Experience with Infrastructure as Code;
  • Understanding of the system hardening processes, tools, guidelines and benchmarks;
  • Understanding of enterprise computing environments, distributed applications, and an understanding of TCP/IP networks;
  • Comfortable working on both Linux-based and MS Windows-based system platforms;
  • Understanding and experience in IH/IR;
  • Secure system configuration and deployment of infrastructure.
Company Overview74Software is an enterprise software group founded through the combination of Axway and SBS. The origin of 74Software began much earlier - in 1968 with the founding of Sopra in the historical region of Haute-Savoie on the shores of Lake Annecy. An area of France also known as Department 74. While we are a public company, our founder’s family office is still heavily invested, maintaining our direct connection to the approach that brought us to this point. It remains the approach that guides us forward.Axway and SBS operate largely independently – with their own vision, strategies, and plans. The group provides the scalable administrative services that support them in delivering their vision. Together, we will delight our customers, develop our people, and grow enduring value for our investors.Career Development and Benefits:Employee career development is one of 74Software’s major company values; and we are deeply committed to helping them leverage the promotion and job mobility opportunities that are right for them.This is what our candidates can expect from us if they choose to join our team:
  • A personal development plan and training plan (technical, product & functional) in order to insure your integration and your performance;
  • Competitive remuneration package and real benefits (gym access, Bookster, private medical insurance with dental included, team-buildings, Fun Day, Christmas Party etc.);
  • Potential for growth in an international company;
  • Friendly working environment with experienced professionals;
  • Flexible working hours when need and hybrid work policy (2 days in the office per week);
  • Extra paid vacation days – 25 days/year;
  • Open games area – table tennis, sports and more!
In addition, 74Software’s global presence creates opportunities for geographical mobility both within subsidiaries.#LI-AS1

Axway

Job-uri similare

  • Principal Software Engineer

    Harman

    • București
    We're a global, multi-disciplinary team that's putting the innovative power of technology to work and transforming tomorrow. At HARMAN Automotive, we give you the keys to fast-trac…
    • Acum 13 zile

  • Principal Software Engineer (contractor)

    SiriusXM

    • București
    Responsibilities: Who We Are: SiriusXM and its brands (Pandora, SiriusXM Media, AdsWizz, Simplecast, and SiriusXM Connect) are leading a new era of audio entertainment and serv…
    • Acum 1 lună

  • Principal Software Security Engineer

    Axway

    • București
    Overview We are seeking our new Principal Software Security Engineer to join the 74Software team! The Software Security Engineer is a member of the Software Security Group (SSG) …
    • Acum 1 lună