Back to Search
We're on the lookout for a seasoned Senior Security Engineer to join our remote team.
In this capacity, you'll play a pivotal role in crafting and applying top-tier security methodologies to both architectural frameworks and code. Your collaborative efforts will extend across diverse teams to pinpoint and address potential security vulnerabilities encompassing facets like authentication, authorization, network segmentation, encryption, container configuration, bastion host setup, and more. This role presents a distinctive chance to influence and steer security outcomes in a fiercely competitive and ever-evolving industry.
Responsibilities
- Craft and execute security best practices in both architecture and code
- Uncover and rectify potential security vulnerabilities linked to authentication, authorization, network segmentation, encryption, container configuration, bastion host setup, etc.
- Collaborate closely with cross-functional teams to propel security outcomes
- Devise and implement effective threat modeling strategies to unearth vulnerabilities
- Take charge of engineering responses to externally identified threats and vulnerabilities
- Assure compliance with pertinent security regulations and standards
- Generate and sustain security documentation, encompassing technical specifications and test scenarios
- Consistently assess and enhance security metrics to pinpoint areas for improvement
- Keep abreast of emerging security trends, threats, and technologies to maintain a competitive edge
- Serve as a subject matter expert on security-related concerns
Requirements
- Accumulated 3+ years of hands-on experience in security engineering or analogous roles
- Demonstrated expertise in conceptualizing and implementing security best practices in architecture and code
- Aptitude to guide engineering responses to externally identified threats and vulnerabilities
- Proficiency in collaborating with teams to pinpoint and rectify potential security gaps linked to authentication, authorization, network segmentation, encryption, container configuration, bastion host setup, and more
- Holistic knowledge of IT infrastructure, spanning AWS cloud services, IP networks, applications, databases, and operating systems
- Proficiency and hands-on experience with Docker, ECS, Kubernetes, and container security
- Extensive exposure to embedded software development and architectures, security protocols, applied cryptography, and security standards
- In-depth comprehension of the TCP/IP protocol stack and major protocols
- Working familiarity with one or more general-purpose programming/script languages, including Java, C/C++, C#, Python, JavaScript, PowerShell
- Outstanding English communication skills, both written and verbal, for seamless global collaboration
Nice to have
- Hands-on experience with Metasploit and QRadar
- Knowledge of SSL/TLS protocols and applications
- Familiarity with secure SDLC methodologies
- Background in using security tools and platforms such as Nessus, Burp Suite, and Nmap
Benefits
- International projects with top brands
- Work with global teams of highly skilled, diverse peers
- Healthcare benefits
- Employee financial programs
- Paid time off and sick leave
- Upskilling, reskilling and certification courses
- Unlimited access to the LinkedIn Learning library and 22,000+ courses
- Global career opportunities
- Volunteer and community involvement opportunities
- EPAM Employee Groups
- Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn