UN Security Engineer

Manpower

  • Milano
  • Tempo indeterminato
  • Full time
  • 21 giorni fa
DescrizioneManpower Group, in collaboration with SD Worx, is looking for a Security Engineer (m/f/x) to join the Milan office.We are looking for an Application Security Specialist to support us in building a best in class application security program from our SD Worx Italy (F2A) headquarters in Milano.The function is open for people from diverse professional background (e.g. development/test/consulting experience) and we are willing to adapt and further grow the function based on the experience and interests of the candidate.You will be working on the following major activities:
  • Assessment and improvement of the maturity of development teams in the use of pentesting, bug bounty, threat modeling architecture reviews, and optionally code review
  • Guiding and assisting product development teams in building increasingly secure applications and in improving the security of current products
  • Contributing to security by design & by default and converting this into a continuous improvement process by focusing on awareness
  • Following up on secure product development practices and trends and provide suggestions to further improve our secure development processes
  • Assisting in defining standards for security application development lifecycle
  • Improving automated security testing through various methods and tools
Relevant topics: AppSec, IT Security, SDLC, Agile, DevOps, Penetration testing, Pentest, Security Breach, Ethical hacker, Threat Modeling, OWASP, Application Security, Web Application Testing, Security Testing Automation, TLS, Veracode, SAST, DAST, API, Bug bounty, vulnerability managementTechnical Competencies:
  • At least 3+ years of experience in software engineering
  • Previous coding experience in at least one language
  • Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
  • You are familiar with the foundations of secure development and application security (AppSec/DevSecOps) concepts and practices and you are curious to learn more in this fast changing field
  • You are confident in coaching your fellow software engineers
  • Experience in preventing and mitigating application security vulnerabilities, and more specifically with concepts such as OWASP Top 10 and CWE Top 25
  • Penetration testing and bug bounty experience is beneficial but not required
Personal Competences:
  • Fast learner that is not afraid to continuously learn new skills and adapt to a fast changing environment
  • You are a team player that is interested in working with product developers or product owners to improve their application security skills
  • You take initiative and like to get things done
  • You are able to take a pragmatic approach in order to come up with solutions which are simple and feasible while keeping the end user in mind
  • Good English and Italian language skills
Hybrid modeAziendaSD Worx è un fornitore leader a livello europeo di software e servizi per la gestione delle risorse umane (HR) e delle buste paga. In Italia, SD Worx ha consolidato la sua presenza con l'acquisizione di F2A, diventando così il secondo polo più grande d'Europa per fatturato e dipendenti, con oltre 6.000 clienti e 1.300 professionisti distribuiti in 22 sedi.

Manpower