The IT-Security and Cloud Consultant will provide technical leadership for our Security Development Lifecycle of the Infrastructure Product Portfolio by establishing clear direction, a dynamic security culture, and measurable goals to continually improve our application security strategy.
This individual will integrate security processes and tools across the development organization for Surface Area, Static Code Analysis, Dynamic Code Analysis, and Penetration testing as well as execute security training programs for developers. Candidates must be able to approach application security with a pragmatic perspective of risk management and avoid purely academic thinking about software security.
In addition, this role implies a leading role in consultancy of software deployment in the cloud. The individual will be responsible to design, manage and secure data, applications and infrastructure in the cloud.
We Offer You
- Stable contract of employment.
- Possibility of remote work.
- Sports package and private health care.
- Group life insurance.
- Good working atmosphere.
- Working in international environment.
- Evangelize security best practices within the development teams and build security expertise across the organization.
- Manage regular security reviews with the product development teams and present summary level reports to Infrastructure leadership team.
- Provide selected support to the internal Legal and Sales Proposals teams as well as occasional best practice security support to external customers in the Infrastructure markets.
- Leading company efforts to gain additional security certifications.
- A completed bachelor’s degree in Computer Science, Software Engineering or related technical field is required.
- 3+ years of progressively more complex AppSec experience at a medium to large size software company.
- In-depth experience with common security tools across SAST, DAST, IAST, and PenTest vendors.
- Familiar with GDPR principles and personal related data.
- Expert knowledge of OWASP Top 10 and CWE/SANS Top 25 listings as well as practical, hands-on experience with the development, testing, and remediation of software security issues a plus.
- Familiarity with agile development processes and experience integrating secure development best practices into an agile model, Microsoft SDL experience a plus.
- Software engineering experience with Microsoft and/or Java web applications, specific experience with ASP.NET, and Angular a plus.
- CCSP (Certified Cloud Security Professional) a plus.
- Familiarity with industry standards and regulations including but not limited to ISO27034, ISO27001 and Privacy by Design/Privacy by Default.
- Strong personal ethics and understanding of ethics in Application and Information security.
- Healthcare package
- Leisure package
- Financial bonus
- Healthcare package for families
- Leisure package for families
- Language courses
- Adaptation tips
- Help finding an apartment
- Car parking
- Bicycle parking
- Cold beverages
- Hot beverages
- Chill room
- Integration events
HEXAGON | Intergraph Polska Sp. z o.o.
Hexagon is a global leader in sensor, software and autonomous technologies. We are putting data to work to boost efficiency, productivity and quality across industrial, manufacturing, infrastructure, safety and mobility applications.
Our technologies are shaping urban and production ecosystems to become increasingly connected and autonomous — ensuring a scalable, sustainable future.
Hexagon (Nasdaq Stockholm: HEXA B) has approximately 21,000 employees in 50 countries and net sales of approximately 3.8bn EUR. Learn more at hexagon.com and follow us @HexagonAB.
Let us share with you Our Story: https://hexagon.com/our-story !