Back to Search
We're actively seeking a seasoned Senior Security Engineer to join our remote team.
As a key player in this role, you'll take charge of formulating and enacting security best practices within architecture and code. Collaborating closely with diverse teams, you'll pinpoint and address potential security vulnerabilities spanning authentication, authorization, network segmentation, encryption, container configuration, bastion host setup, and more. This role presents a distinctive chance to influence and steer security outcomes in a competitive and ever-evolving industry.
Responsibilities
- Spearhead the development and integration of security best practices into both architecture and code
- Detect and address potential security vulnerabilities encompassing authentication, authorization, network segmentation, encryption, container configuration, and bastion host setup
- Collaborate closely with diverse teams to orchestrate impactful security outcomes
- Devise and execute effective threat modeling strategies to pinpoint vulnerabilities
- Take charge of engineering solutions for externally identified threats and vulnerabilities
- Ensure adherence to pertinent security regulations and standards
- Craft and manage comprehensive security documentation, encompassing technical specifications and test scenarios
- Regularly assess security metrics, identifying and enhancing areas of vulnerability
- Stay abreast of emerging security trends, threats, and technologies to maintain a competitive advantage
- Serve as a subject matter expert on all security-related matters
Requirements
- Possess a minimum of 3 years of experience in security engineering or analogous roles
- Demonstrate a proven track record in designing and implementing security best practices in both architecture and code
- Lead engineering efforts to address externally identified threats and vulnerabilities
- Work collaboratively with teams to identify and address potential security gaps related to authentication, authorization, network segmentation, encryption, container configuration, and bastion host setup
- Display comprehensive knowledge of IT infrastructure, covering AWS cloud services, IP networks, applications, databases, and operating systems
- Exhibit proficiency and hands-on experience with Docker, ECS, Kubernetes, and container security
- Have extensive experience in embedded software development and architectures, security protocols, applied cryptography, and security standards
- Possess a deep understanding of the TCP/IP protocol stack and major protocols
- Possess working knowledge of one or more general-purpose programming/script languages, including Java, C/C++, C#, Python, JavaScript, and PowerShell
- Exhibit excellent English communication skills, both written and verbal, for effective global collaboration
Nice to have
- Previous experience with Metasploit and QRadar
- Familiarity with SSL/TLS protocols and applications
- Knowledge of secure SDLC methodologies
- Experience with security tools and platforms such as Nessus, Burp Suite, and Nmap
Benefits
- International projects with top brands
- Work with global teams of highly skilled, diverse peers
- Healthcare benefits
- Employee financial programs
- Paid time off and sick leave
- Upskilling, reskilling and certification courses
- Unlimited access to the LinkedIn Learning library and 22,000+ courses
- Global career opportunities
- Volunteer and community involvement opportunities
- EPAM Employee Groups
- Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn