Keep millions of users and their banking data safe and secure.
No day at Backbase is the same, and even more so for our security engineers. We all know that security and banking need to go hand in hand, and with hackers and tech evolving daily, you'll need to stay on your toes and ahead of the game.
Your core responsibility is to guide and support developer teams in delivering and deploying secure banking solutions. You will analyze software from a security perspective, identify and resolve security issues, and provide guidance and workshops on secure coding, security testing, and working with security tools. Your input helps improve security in the SDLC with its tools and processes. You will validate that application security requirements are met, perform security code reviews, and suggest improvements. You will work closely with customer-facing development and operations teams, mentor new team members, and act as the security go-to person.
What you'll do
Looking for a journey instead of a job? Then let's talk! We are THE pioneers in banking tech, pushing limits and breaking barriers to make things happen. We learn and reinvent ourselves for maximum impact, with a customer-centric mindset and a passion for our work. We celebrate our successes together, have fun, and aim to deliver our vision. Are you ready?
As a Senior Application Security Engineer, you'll be part of a team ensuring we build, maintain, and deploy secure software used by millions worldwide. If you have a hacker mindset, are passionate about security, and eager to extend your knowledge, this is the place for you.
Who you are
To own this role, you should have :
* A good understanding of application security and common vulnerabilities;
* Expertise in one of frontend, backend, or mobile security domains;
* Knowledge of DevOps and cloud-native technologies;
* A successful track record in resolving application security issues;
* A background in development and understanding of the SDLC;
* Professional level English, written and spoken.
Additional experience in the following areas would be beneficial :
* Implementing OWASP ASVS / M-ASVS and SKF;
* Using SAST, SCA, IAST, and RASP tools in the SDLC;
* Facilitating threat modeling sessions;
* Penetration testing web and mobile applications;
* Training developers on application security concepts;
* Familiarity with GDPR and PCI-DSS regulations.
J-18808-Ljbffr
#J-18808-Ljbffr