Senior Application Security Engineer

Há 1 mês


Lisboa, Portugal Springer Nature Tempo inteiro

Senior Application Security Engineer Building services that enable others
Springer Nature is one of the world's leading global research, educational and professional publishers. It is home to an array of respected and trusted brands and imprints, with more than 170 years of combined history behind them, providing quality content through a range of innovative products and services. Every day, around the globe, our imprints, books, journals and resources reach millions of people, helping researchers and scientists to discover, students to learn and professionals to achieve their goals and ambitions. The company has around 10,000 staff in over 50 countries.
We're looking for an experienced Application Security Engineer to make AppSec capabilities an integral and frictionless part of our platforms.
About us: Engineering Enablement The Engineering Enablement (EE) department consists of around 60 people, spread over teams that closely collaborate to fulfil our mission. In Springer Nature Technology (SNT) we serve different core expertise: PaaS, Databases, Observability and Cloud- and Release Engineering. You will join a multidisciplinary team with different nationalities, backgrounds and experience levels. We are a very distributed department but sometimes we travel to work with each other in person. We are based around the globe with main locations in London, Dordrecht, Berlin, Lisbon and New York.
Our Technology We have built platforms serving hundreds of developers at scale around the world. We are making more and more use of Kubernetes as a backend container platform and integrating this into our platform offering. We are leveraging the power of Kubernetes to build a new PaaS that will co-exist with the current Cloud Foundry Platform, as well as managing an internal database platform that runs over 1,200 database servers.
Your team This role is within the Engineering Enablement department (EE), whose mission is to enable frictionless product development by providing managed platforms.
You will work together with the EE security architect and 2 other security engineers to establish streamlined application security capabilities within these platforms. This is a new community of security experts within the department that needs building up and shaping together. You will work together with the central security transformation and security operations teams to ensure the company-wide initiatives are represented in and consulted by EE.
As with all teams in EE, we closely collaborate with the departmental teams that provide the platform's surrounding and centralised services and also with all the product development teams within Springer Nature.
Your responsibility Our internal users run around 4000 applications within our platform, deploying them through our CI/CD systems many times a day. Together with your team, your responsibility is to make sure that the needed security measures are a frictionless and trusted part of those processes.
The company-wide security maturity program aims to build up a global application-, data- and infrastructure security strategy - your responsibility is to help inform that strategy and ensure EE fulfils its part of that. As EE sits within a larger organisation, you and your team members make sure we establish a culture of shared responsibility and accountability within the teams building on top of our platforms.
You will contribute to the evolution of our application security measures through leveraging IaC, maximising customer self-service and living the continuous integration mindset. You help to improve and optimise our existing security landscape and consult our internal customers on improving their application security stance.
Key Tasks: Maintaining and improving the AppSec capabilities of our platform
Running and integrating AppSec tooling into the continuous integration processes of development teams
Support the creation of company-wide structures and initiatives that drive improvements in application security
Driving a "Shift-left" approach to application security accountability and responsibility with a focus on enabling development teams
Working closely with other security focused teams in the company, shaping our overall security strategy
Consulting teams on best practices related to application security
Selecting and potentially facilitating application security training
Working with the team to document policies, processes, procedures, and technical designs related to application security
Monitoring our overall security stance and using that data to improve our application security capabilities
You will have the opportunity to work on new challenges and drive the evolution of our services in a collaborative and supportive environment.
About you You are a friendly team member who is modest and humble, open to learning from anyone regardless of age, gender, race, role or experience. You value social interactions and can self-reflect by asking questions. You have a strong preference for working together, sharing knowledge and training others.
Desired Skills and Experience: High sensitivity for security-relevant issues
Experience with Infrastructure as Code, for automation and configuration management
Programming experience with Golang or at least one modern language
Experience in operating and maintaining cloud infrastructure
Knowledge of secure coding practices and patterns
Understanding of SDLC (Software Development Life Cycle)
Experience with cloud platforms, ideally GCP
Preferred Skills and Experience: Experience with common CI/CD tools
Experience with containerization
High user and customer orientation
Strong conceptual skills, logical/analytical thinking & problem-solving skills
Experience in contributing to the architecture and design of new and existing systems
Programming experience with languages used by our delivery streams (e.g. Java, Kotlin, .Net)
Proficiency with security tools & technologies (SAST, DAST, IAST, SCA)
Knowledge of common web application security (OWASP Top Ten)
Experience using a maturity model such as BSIMM
Facilitate threat modelling across systems and services
We are looking forward to your application. After reviewing your CV our Talent Acquisition team will contact you to schedule a short initial phone/video call. After getting this first step we will run 2-3 rounds (introductory, technical, cultural) with you - all of these with different members of the Engineering Enablement department and our peers in the CISO department. When appropriate these phases will be held via phone /video calls.
#LI-AR1

#J-18808-Ljbffr



  • Lisboa, Portugal Springer Nature Group Tempo inteiro

    Springer Nature Group We are a global publisher dedicated to providing the best possible service to the whole research community. We help authors to share their discoveries; enable researchers to find, access, and understand the work of others and support...Springer Nature is one of the world's leading global research, educational, and professional...


  • Lisboa, Lisboa, Portugal WhiteSource Tempo inteiro

    Job SummaryWe are seeking a highly skilled Senior Application Security Specialist to join our team at WhiteSource. As a key member of our security team, you will be responsible for performing security source code analysis, analyzing application vulnerabilities, and providing mitigation strategies.ResponsibilitiesPerforming security source code analysis to...


  • Lisboa, Lisboa, Portugal Springer Nature Group Tempo inteiro

    About UsSpringer Nature Group is a global publisher dedicated to providing the best possible service to the research community. We help authors share their discoveries and enable researchers to find, access, and understand the work of others.Our MissionWe're looking for an experienced Application Security Engineer to make AppSec capabilities an integral and...


  • Lisboa, Portugal Noesis Tempo inteiro

    Junior Application Security EngineerLisboa · Published on October 17, 2024Description:Noesis is looking for professionals with the following profile:Junior Application Security Engineer with a strong interest in secure software development and a collaborative, hands-on approach. This role requires a passion for learning and an eagerness to work closely with...


  • Lisboa, Lisboa, Portugal Fortis Games Tempo inteiro

    About the RoleAt Fortis Games, we are seeking a highly skilled Senior Application Security Specialist to manage all aspects of our application cybersecurity needs. As part of our team, you will be responsible for owning the Application Security technology stack and associated processes and procedures.Key ResponsibilitiesHelp maintain our build & deployment...


  • Lisboa, Lisboa, Portugal Noesis Tempo inteiro

    Secure Software Development RoleNoesis is seeking a skilled professional to join our team as a Junior Application Security Engineer.This role involves working closely with development teams to integrate security into the development lifecycle. The ideal candidate has a developer mindset and is motivated to learn and apply security best practices within an...


  • Lisboa, Lisboa, Portugal Datadog Tempo inteiro

    About the Role: We're looking for an experienced Senior Engineering Manager to lead our Application Security team. The ideal candidate will have a strong technical background, excellent leadership skills, and a passion for security. Main Responsibilities:Manage a team of 3+ Engineers50% hands-on developing in Ruby, Python, or GoContribute to library...

  • Security Engineer

    Há 1 mês


    Lisboa, Portugal Sword Health Tempo inteiro

    Sword Health is on a mission to free two billion people from pain as the world's first and only end-to-end platform to predict, prevent and treat pain.Delivering a 62% reduction in pain and a 60% reduction in surgery intent, at Sword, we are using technology to save millions for our 2,500+ enterprise clients across three continents. Today, we hold the...


  • Lisboa, Lisboa, Portugal Intapp Tempo inteiro

    About the RoleIntapp is seeking a highly skilled Senior Product Security Engineer to join our application security team. As a key member of our team, you will be responsible for ensuring the security and integrity of our products. Your expertise in Java and Python will be invaluable in this role.Key ResponsibilitiesDefining security requirements for our...


  • Lisboa, Lisboa, Portugal Alter Solutions Group Tempo inteiro

    Job DescriptionWe are seeking an experienced Senior Application Security Professional to join our team at Alter Solutions Group. As a key member of our security team, you will be responsible for ensuring the robustness and compliance of our application security measures.Key Responsibilities:Secure Software Development Life Cycle (SDLC): Implement and...


  • Lisboa, Portugal Reltio Tempo inteiro

    At Reltio, we believe data should fuel business success. Reltio's AI-powered data unification and management capabilities—encompassing entity resolution, multi-domain master data management (MDM), and data products—transform siloed data from disparate sources into unified, trusted, and interoperable data. Reltio Data Cloud delivers interoperable data...


  • Lisboa, Lisboa, Portugal Datadog Tempo inteiro

    **Company Overview**Datadog is a leading company in the field of application security, providing real-time monitoring and risk management solutions for web applications, serverless applications, and APIs. About the RoleWe are seeking an experienced Senior Software Engineering Team Lead to join our Application Security team. The successful candidate will...


  • Lisboa, Portugal Reltio Tempo inteiro

    At Reltio®, we believe data should fuel business success. Reltio's AI-powered data unification and management capabilities—encompassing entity resolution, multi-domain master data management (MDM), and data products—transform siloed data from disparate sources into unified, trusted, and interoperable data. Reltio Data Cloud™ delivers interoperable...


  • Lisboa, Portugal Fórum Selecção - Consultoria em Recursos Humanos e E.T.T. Tempo inteiro

    **Fórum Selecçãois looking for a Senior Application Security Expert (M/F) for a Corporate Banking Client. Location: Lisboa/Porto Main Tasks: - Be part of the Application Security Core Team of IT Group Cybersecurity and Digital Fraud; - Contribute to the deployment of the Application Security strategy of the Group, by participating as a key actor of its...


  • Lisboa, Portugal Reltio Tempo inteiro

    At Reltio, we believe data should fuel business success. Reltio's AI-powered data unification and management capabilities-encompassing entity resolution, multi-domain master data management (MDM), and data products-transform siloed data from disparate sources into unified, trusted, and interoperable data. Reltio Data Cloud delivers interoperable data where...


  • Lisboa, Portugal Reltio Tempo inteiro

    Reltio Our Connected Data Platform – the industry's first cloud-native, SaaS master data management solution (MDM) – unifies and cleanses multi-source, complex data into a single source of trusted information. You get insight-ready, real-time data at... At Reltio, we believe data should fuel business success. Reltio's AI-powered data unification and...


  • Lisboa, Portugal Intermedia.Net, Inc. Tempo inteiro

    Culture at Intermedia is built on teamwork and transparency.We hold each other accountable and always have each other's back!Sr. Application Security Engineer (Portugal) Are you looking for a company where YOUR VOICE is heard? Where you can MAKE A DIFFERENCE ? Do you THRIVE in a FAST-PACED work environment? Do you wake every morning EXCITED to work with...


  • Lisboa, Lisboa, Portugal Intapp Tempo inteiro

    About the Role: We're expanding our application security team and are looking for a skilled Cybersecurity Engineer with experience in Java and Python to join our team at Intapp.About You: To be successful in this role, you'll need 8-10 years of experience in a cyber security engineering role, including at least 3+ years in an Application Security role and 5+...


  • Lisboa, Lisboa, Portugal Intapp Tempo inteiro

    Job SummaryWe are seeking a skilled Cyber Security Engineer to join our Application Security team at Intapp. This is an exciting opportunity for a seasoned professional with expertise in Java and Python.About the RoleThis role involves focusing on a subset of our products, gaining in-depth understanding, and collaborating with development teams to build...


  • Lisboa, Lisboa, Portugal Intapp Tempo inteiro

    Role OverviewWe're expanding our application security team at Intapp, seeking a seasoned Senior Product Security Engineer with expertise in Java and Python to join our dynamic group.Your primary focus will be on a subset of our products, gaining in-depth understanding and collaborating with development teams to design secure features by default.