All offersWarszawaSecurityIT Security and Cloud Consultant
IT Security and Cloud Consultant
Security
Hexagon | Intergraph Polska Sp. z o.o.

IT Security and Cloud Consultant

Hexagon | Intergraph Polska Sp. z o.o.
Warszawa
Type of work
Undetermined
Experience
Senior
Employment Type
Permanent
Operating mode
Remote

Tech stack

    AppSec
    nice to have
    OWASP TOP 10
    nice to have
    CWE/SANS Top 25
    nice to have
    Microsoft SDL
    nice to have
    CCSP
    nice to have
    ASP.NET
    nice to have
    Angular
    nice to have

Job description

Online interview
Job description

The IT-Security and Cloud Consultant will provide technical leadership for our Security Development Lifecycle of the Infrastructure Product Portfolio by establishing clear direction, a dynamic security culture, and measurable goals to continually improve our application security strategy.
This individual will integrate security processes and tools across the development organization for Surface Area, Static Code Analysis, Dynamic Code Analysis, and Penetration testing as well as execute security training programs for developers. Candidates must be able to approach application security with a pragmatic perspective of risk management and avoid purely academic thinking about software security.
In addition, this role implies a leading role in consultancy of software deployment in the cloud. The individual will be responsible to design, manage and secure data, applications and infrastructure in the cloud.

Duties will include

  • Evangelize security best practices within the development teams and build security expertise across the organization. 
  • Manage regular security reviews with the product development teams and present summary level reports to Infrastructure leadership team. 
  • Provide selected support to the internal Legal and Sales Proposals teams as well as occasional best practice security support to external customers in the Infrastructure markets. 
  • Leading company efforts to gain additional security certifications. 

Qualifications

  • A completed bachelor’s degree in Computer Science, Software Engineering or related technical field is required.
  • 3+ years of progressively more complex AppSec experience at a medium to large size software company. 
  • In-depth experience with common security tools across SAST, DAST, IAST, and PenTest vendors.  
  • Familiar with GDPR principles and personal related data. 
  • Expert knowledge of OWASP Top 10 and CWE/SANS Top 25 listings as well as practical, hands-on experience with the development, testing, and remediation of software security issues is a plus. 
  • Familiarity with agile development processes and experience integrating secure development best practices into an agile model, Microsoft SDL experience is a plus. 
  • Software engineering experience with Microsoft and/or Java web applications, specific experience with ASP.NET, and Angular is a plus. 
  • CCSP (Certified Cloud Security Professional) is a plus. 
  • Familiarity with industry standards and regulations including but not limited to ISO27034, ISO27001 and Privacy by Design/Privacy by Default. 
  • Strong personal ethics and understanding of ethics in Application and Information security. 

We Offer You

  • Stable contract of employment. 
  • Very good salary.
  • Possibility of remote work. 
  • Sports package and private health care. 
  • Group life insurance. 
  • Good working atmosphere. 
  • Working in an international environment.