Software Security Engineer

le contenu du travail

Would you like to be part of a dynamic and exciting Information Security team protecting patients data and supporting world changing product that has a direct impact on the lives of cancer and rare disease patients worldwide?

Join our growing team and use your exceptional technical skills to help us deliver on our mission of democratizing Data-Driven Medicine.

Our products are used by over a thousand healthcare institutions globally and provide world leading capabilities for the analysis of genomic, clinical, and imaging data.

As a Software Security Engineer, you will join the InfoSec team and will work in close collaboration with Engineering and DevOps team to ensure the security of our Software Development Lifecycle and Applications / Products.

Responsibilities

• Support and review risk assessment activities during the development of our software and products.
• Build and coordinate application security risk mitigation plans (including post Pentest remediation plan).
• Be the SME of key security components of our applications (e.g. Authentication Service).
• SecDevOps - Work in close collaboration with the DevOps team to manage a secure CI/CD tool chains (SonarQube, Trivy, Polaris, AKS, etc.).
• Implement the processes and policies to leverage these tools all over the SDLC.
• Provide trainings & spread good practices among engineering teams to raise awareness on secure software development.
• Proactively challenge company security posture (via technical audits or continuous improvement).
• Provide expertise on application security incident mitigation.

Requirements:

• Bachelor in Engineering, Information Technology or Security.
• Minimum of 2 year of experience in Information Security and several years in software engineering.
• Expert in several of the following areas:
  • Risk Management / Application Security / Secure SDLC / CI CD / Logging and Monitoring / DAST SAST / WAF / Pentest.

• Experience working within an information security compliant company is a plus (e.g. ISO 27001 or equivalent).
• Excellent written and oral communication skills.
• Great team player.
• Proactive, rigorous, practical thinker.
• Certifications are a plus (CEH, OSCP, SSCP, CISSP).

Benefits:

• A flexible, friendly and international working environment with a collaborative atmosphere
• An exciting company mission that brings together science and technology to directly impact the lives of patients with life threatening illness.
• A fast-growing company with plenty of opportunity for personal growth and development