Senior Security Engineer

SENIOR SECURITY ENGINEER

Workplace: Wrocław | hybrid work

Industry: Automotive

WHO WE ARE?

ALTEN – A Global Leader in Engineering and IT Services

Founded in France in 1988, the ALTEN Group is a leading technological partner serving the world’s largest clients. In 2023, it achieved revenues exceeding 4.07 billion euros and employs over 57,000 people, 88% of whom are engineers and IT experts.

ALTEN Polska has been operating for 13 years, supporting its clients' innovation, research and development, and IT systems. It has offices in Kraków, Warsaw, Wrocław, Gdańsk, and Poznań.

It serves key industries such as aerospace, space, industrial solutions, automotive, railway, energy, finance, telecommunications, and retail.

Areas of expertise: business analysis, cybersecurity, artificial intelligence, data analysis and cloud solutions, application development, software testing, project management, embedded software, quality management, industrialization, digital transformation, and industrial engineering.

For more information, visit: http://www.altenpolska.pl

WHAT YOUR CHALLENGES WILL BE?

• Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used.
• Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications.
• Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices.
• Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities.
• Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development.
• Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle.
• Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies.
• Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization.

Profile of the Perfect Candidate:

The ideal Senior Application Security Engineer is a seasoned professional with a comprehensive understanding of secure software development practices, including threat modeling, code reviews, and vulnerability management. They are well-versed in current security tools, technologies, and best practices. The candidate should possess a proactive approach to security, staying up-to-date with the latest threats and trends in cybersecurity. They should be comfortable working in a fast-paced environment, collaborating with cross-functional teams, and communicating complex security concepts to both technical and non-technical stakeholders. Strong analytical skills, attention to detail, and a passion for continuous learning and improvement are key attributes of the perfect candidate.

WHAT DO WE REQUIRE?

• Educational Background: Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
• Experience: 5+ years of experience in application security or a related field, with at least 2 years in a senior or lead role.
• Technical Skills:

o Proficiency in security assessment tools and scanners (e.g., BlackDuck, Nexus IQ, OWASP ZAP, Fortify, Sonarqube).

o In-depth knowledge of secure coding practices and security standards (e.g., OWASP, NIST).

o Experience with programming languages (e.g., Python, Java, .NET) and scripting.

o Familiarity with DevSecOps practices and tools (e.g., Jenkins, Docker, Kubernetes, CI/CD pipelines).

• Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GWAPT are highly desirable.
• Soft Skills:

o Excellent communication and interpersonal skills.

o Strong problem-solving and analytical abilities.

o Ability to work collaboratively in a cross-functional team environment.

• Mindset: Proactive, self-motivated, and passionate about staying current with the latest trends and threats in cybersecurity.

WHAT CAN WE OFFER?

ALTEN's DNA combines human values, a culture of excellence and experience in serving its clients. We offer an individual approach to each employee in the spirit of work-life balance. We place emphasis on responsible, sustainable development and pro-ecological solutions.

We offer:

▪ A full-time contract with possibility to choose the form of employment (UoP/B2B)

▪ Stable and long-term cooperation

▪ Support of a dedicated manager and Career Managment team

▪ A clearly defined career path and the possibility of development in four areas as: Project Manager, Business Manager, Technical Leader and a specialist in their field.

▪ Participation in company conferences, trainings, workshops, integration meetings, etc.

▪ Certification and training opportunities

▪ Opportunity to relocate and work in different ALTEN Polska branches

BENEFITS

▪ Medicover medical care

▪ Medicover dental care

▪ Medicover Benefits platform / Medicover Sport card

▪ Employee referral program

▪ Layette for a newborn employee’s child

▪ Group life insurance

▪ Pension scheme

Join our team and let’s build tomorrow’s world today!

NOTICE: We kindly inform you that we will contact the selected candidates.