Solaborate is looking for a Lead Software Security Engineer with great experience and expertise in cybersecurity to help us verify and improve the security of our company's system, products and applications. Your job is to conduct advanced penetration tests on our system and identify any breaches or weaknesses in the security setup.
We are looking for someone who can focus and collaborate, who is dedicated to excellence and can successfully grow within the organization.
- Ensures the security of the software products developed for our customers.
- Work with Development and Test teams to perform penetration tests, manual and automated vulnerability assessment scans, risk assessments, code reviews, and assist with remediation.
- Identify and report vulnerabilities identified in applications and their supporting infrastructure, and research threat and attack vectors that impact our applications.
- Work with Software Team to develop and maintain the Software Products Security Strategy per industry best practices
- Work to improve our Software Products Security posture to reduce risk. Perform research to detect new attack vectors
- Continually review and understand new industry security threats and associated technologies
- Work with Software Team to ensure solutions are not only secure by design, but also throughout execution and evolution, with focus on corporate goals, strategy, process interdependencies, etc.
- Participate in architecture design discussions for upcoming feature enhancements and new products/services, ensuring security best practices are followed in each phase of development and ensuring risks are understood and mitigated in the design choices.
- Perform continuous risk assessments and assist with developing remediation strategies
- Perform continuous penetration testing, code reviews, and design/architecture reviews
- Identify and remediate weaknesses in our processes and procedures
- Ensure solutions remain secure ongoing, whether via code scan techniques, penetration testing, or other means, as available.
- Experience with various C2 frameworks and Simulation tools such as Cobalt Strike, Empire, Metasploit, Immunity CANVAS, Core Impact, Covenant, Silent Trinity.
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Thorough understanding key attack phases such as initial access, code execution, privilege escalation, lateral movement, and data exfiltration.
- Previous experience or proficiency with Incident Detection and Response is a plus
- Proficiency in one or multiple programming languages such as C/C++/C#, Python, Go, PERL.
- Must have excellent written and oral communication skills.
- 3-4 Years managing and creating security systems, solutions, policy and procedure
- Proven work experience as a system security engineer or information security engineer
- Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Develop automation scripts to handle and track incidents
- Collaborate with colleagues on authentication, authorization and encryption solutions
-Evaluate new technologies and processes that enhance security capabilities
- Deliver technical reports on test findings
- Recommend modifications in legal, technical and regulatory areas that affect IT security
- Bachelor’s degree or Master’s Degree Preferred.
We are located at the center of Pristina
Work Schedule: 9:00AM - 5:00PM
Working Days: Mon-Fri
Great Health Insurance Plan
We offer a fast-paced environment that is perfect for people who love seeing their work make a big difference in a large audience.
Work with a great experienced team and grow together.
Possibility to travel across the world.
More info about HELLO products:
Start Date: ASAP
Solaborate LLC is an Equal Opportunity Employer. All applications will be treated with the strictest confidence. Only short-listed candidates will be notified.