Lead Security Systems Engineer Kazakhstan or Remote
Lead Security Systems Engineer Description
Job #: 74600
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
We are looking for Lead Security Systems Engineer to join our team and help protect software solutions delivered by EPAM for our products and our top clients.
You will be working with security team that is dedicated to making EPAM products and technologies as secure as possible. You will cooperate closely with the engineering teams to help them enable and operate S-SDLC and specialize in defining security requirements, performing risk assessments, threat modelling, code reviews, and elaborating on the best remediation solutions with architects and developers.
#LI-DNI
#LI-DNP
We are looking for Lead Security Systems Engineer to join our team and help protect software solutions delivered by EPAM for our products and our top clients.
You will be working with security team that is dedicated to making EPAM products and technologies as secure as possible. You will cooperate closely with the engineering teams to help them enable and operate S-SDLC and specialize in defining security requirements, performing risk assessments, threat modelling, code reviews, and elaborating on the best remediation solutions with architects and developers.
#LI-DNI
#LI-DNP
What You’ll Do
- Perform security source code analysis using Checkmarx Static Analysis Security Testing (SAST) and Software Composition Analysis (SCA) tool
- Analyze application architecture and technologies
- Research and POCs based on vectors of attack
- Provide mitigation strategies for security vulnerabilities
- Implement SAST custom rules to reduce false positives and false negatives
- Lead the team, value knowledge sharing, grow the team expertise
What You Have
- Knowledge of Checkmarx Products and Solutions
- Strong coding or debugging skills in one, or more, of these programming languages: Java/.NET/JavaScript/Python/Android/iOS/PHP
- Experience testing web applications/services, identifying and remediating OWASP top 10 security flaws, and understanding large complex systems quickly
- Strong knowledge of basic HTTP/HTTPS protocol
- Proactive and sense of ownership
- Good communication skills due to the remote nature of the job
- Background in application security and/or static analysis (penetration testing/security code review/SCA tools)
- Good knowledge of English: writing B1 and speaking B1+
Nice to have
- DevOps
- OWASP Top 10
- Secure Coding
Technologies
- Checkmarx Products and Solutions
We offer
- Experience exchange with colleagues all around the world
- Competitive compensation depending on experience and skills
- Regular assessments and salary reviews
- Social package: medical care, sports, family care
- Free English classes
- Opportunities for self-realization
- Friendly team and enjoyable working environment
- Flexible working schedule
- Corporate and social events
