Principal Security Engineer - Platform

UK-London

careers

Req #: 23612
Type: Regular Full-Time
logo

SoftwareOne

Connect With Us:
Connect To Our Company
				Overview:

Strip away everything. Strip away our brand, strip away our buildings, strip away our offices. What are we left with? Our people. This is what makes SoftwareOne successful.

Passionate people who live and breathe our values every day, who delight our customers, every day, and who go above and beyond, every day. Our culture is unique, and I believe that having the right people, and empowering them to succeed, is the absolute key to our success.

Patrick Winter, Founder.

"SoftwareOne is an equal opportunity employer. With employee satisfaction as one of our core values, we are passionate about diversity and are committed to creating an inclusive environment for all of our employees. We want every employee to have the greatest experience of their career."

Responsibilities:

SoftwareOne is looking for an experienced Principal Security Engineer who possesses a blend of technical expertise, strong communication skills, and knowledge of the compliance process.

SoftwareOne's Marketplace Platform is a digital two-sided business automation platform for client engagement and vendor interaction. It provides a streamlined experience for clients to access, purchase, and manage various software products and services. As we continue to expand and enhance our offerings, we are committed to ensuring the highest level of security for our users.

The Principal Security Engineer will be leading our efforts in establishing a robust security framework.

Responsibilities

This role is critical in introducing security best practices and setting a security standard that all teams will strive to meet. You will work closely with our development, product and operations team to ensure our platform is secure and resilient against threats.

* Develop and implement a comprehensive security strategy for our marketplace platform
* Introduce and apply security best practices across the development lifecycle
* Work closely with development teams to integrate security into the design and development of new features and functionalities. Creating fun ways to spread technical security awareness throughout the engineering department
* Provide training and guidance to development and product teams on secure coding practices and threat modeling. Consider how malicious parties may compromise our systems, and advise developers and product managers on what defenses are needed
* Penetration testing - identify security vulnerabilities on our production or staged applications during internal pen test or help coordinate with external resources
* Taking ownership and responsibility of security audits, remediations and compensating controls
* Collaboration with the compliance and privacy teams - help ensure that our company complies with industry best practices and standards
* Playing a leadership role during any security events by evangelizing and conducting the right behaviors to achieve best outcomes

Qualifications:

* Proven in-depth experience of cyber security in a SaaS product environment.
* A hands-on engineer, who can implement security solutions and identify risks
* Experience of working with engineering teams to evangelize and improve security practices
* Implemented security policies and solutions via code
* Cloud experience - Azure is preferred, although a very strong candidate with significant AWS experience will be considered
* An effective and patient communicator, willing to devote extensive time towards teaching and advocacy in an engineering organization
* Able to navigate compliance processes, interfacing with the SoftwareOne CISO office, working with external consultants, and communicating with customers
* Able to intuitively solve highly complex problems
* Able to pragmatically prioritize and work calmly and effectively under pressure
* Recent experience of working on a green or blue team is an advantage
* Fluent English language capability

#LI-SE1
			
Share this job: