Job Data Security/Compliance

Security Engineering Lead

The Role 

We are looking for a highly motivated, self-sufficient and talented Security Engineering Lead who can help build out a nascent shift-left Product Security initiative. We are looking for an innovator who strives to continuously iterate, improve and learn. The Security team at Nitro focuses on partnering with development groups throughout the company to create and deliver applications and services that are secure. Our work includes audits such as code reviews, threat models and penetration testing assessments. We also build partnerships with engineering teams in defining security-related requirements and providing input on design proposals. The team will also create tools and practices which will allow us to scale our work to cover a diverse and complex set of code bases across the broader organization. 

 
What You Will Be Doing 

  • Assess the current state of Product Security and set a high bar for the development of a scalable, developer-focused security strategy 
  • Select and/or design and build security tools to be integrated within the CI/CD pipeline 
  • Perform reviews ranging from architectural design to threat modeling and source code level assessments, providing actionable recommendations to make Nitro’s products and services more secure 
  • Collaborate closely with engineering and security personnel on security-focused code reviews and implementation of security best practices in essential systems across the company 
  • Write and/or use tools to help identify application security flaws and work with engineering teams to make sure that issues are remediated 
  • Be capable of prioritizing security efforts in the broader business context, as well as helping teams understand the prioritization of security mitigation work 
  • Help build solutions to secure and transfer valuable data through Nitro’s systems and services 
  • Triage and respond to vulnerability reports and potential incidents 
  • Provide technical leadership to junior members of the security organization 
  • Five+ years of experience in the application security space helping to secure complex web, desktop and mobile applications and their architectures (experience with Scala, GoLang and/or C/C++ a plus) 
  • A history of independently finding high impact vulnerabilities and participating in the creation of tools that help find security issues 
  • A track record of contributing to projects from design to implementation and through maintenance 
  • A broad and practical understanding of security fundamentals and their application in real world environments 
  • Experience assessing, selecting, and using static, dynamic and SCA security tools 
  • Practical knowledge and experience working in public cloud environments (AWS, Azure, etc.)  
  • An interest in conceiving and building creative solutions to complex security problems and scaling the team’s impact through DevSecOps solutions