Software Security Engineer (Remote)

We’re looking for a Senior Software Security Engineer for our international partners team.

The new colleague would contribute to process development regarding their IoT Solution for Smart Utilities and Cities. Will be responsible for automating complex internal tools to achieve the full automation of our systems (including activities related to installation, databases, systems, and other related applications).

They are working remotely.

Tasks

• Write code to implement based on the requirements specification and other relevant documentation.
• Assist in various application security assessment activities, including white-box and black-box penetration testing, static code analysis, and code reviews on software products and applications.
• Collaborate in the development of tools for the automation and management of security assessment activities, enhancing efficiency and effectiveness.
• Assist in the implementation and integration of security measures in Software Development Life Cycle (SDLC) and DevOps pipelines, ensuring security is seamlessly woven into the development process.
• Study and understand the requirements specification and other relevant documentation based on cryptographic standards.
• Communicate and collaborate with product development teams, providing necessary support for the secure development process and fostering a culture of security awareness.
• Research and propose efficient, practical, and applicable mitigation strategies to remediate identified security vulnerabilities.
• Evaluate application security tools for internal use and contribute to their successful implementation.
• Travel 20%.

Requirements

• 5+ years of experience in Software Security.
• At least a few years of experience in Java development.
• Basic understanding of cryptographic key algorithms and network security.
• Basic understanding of security fundamentals and strategies defense-in-depth methodology, C.I.A. security pillars.
• Able to work collaboratively and individually on assignments.
• Professional verbal and written communication skills in English.

Advantages

• Basic understanding of C or C++.
• CISSP or equivalent Certifications.
• Experience developing software and web applications in .NET technologies.
• Familiarity with identifying and protecting against web application and web service security vulnerabilities, including those found in the OWASP Top 10 and CWE Top 25.
• Familiarity with security testing tools for various forms of security testing, such as static analysis, dynamic analysis, and penetration testing.
• Experience in scripting languages PowerShell, Bash, Python, etc.
• Familiarity with Azure DevOps, IoT, and container technologies.

What they offer

• Benefits – accident and life insurance, private outpatient care support, cafeteria-gross 640.000 HUF/year
• iPhone with a generous data allowance.
• Opportunity to create a moreresourceful world by working on the 21st centurys biggest challenges water, energy, and gas.
• A recently established R&D center with immense growth in the heart of Budapest.
• Cutting-edge technologies (Cloud, IoT).
• Personal development – English, soft skills, and technical training (Udemy, Pluralsight, etc.).
• Strong culture promoting work-life balance, remote and flexibility.