Senior Security Engineer - 12 month contract
Remote across Canada
Talentlab has partnered with a new client on to help find top talent for an exciting, and history making initiative. From applied research to advanced engineering, our client’s 5G R&D team will design and develop ground-breaking products & solutions. As a Senior Security Engineer, you will be responsible for putting in place a security development lifecycle (SDLC) and implementing it on several different development teams. You will help each of those teams assess security vulnerabilities, explore possible solutions and guide them to adopt better development practices.
• Implement a security development lifecycle (SDLC) on several development scrum teams
• Assess vulnerabilities on software and work with development teams to implement fixes
• Participate in creation and review of design document that will drive the implementation of the 5G O&M Software
• Work to identify and drive improvements, integration and test automation
• 5+ years relevant experience doing information security work or equivalent
• 3 years of demonstrated application security experience
• Software development proficiency (Go, Ruby, Python, Java, C#, or Obj-C/Swift).
• Experience with security scanning tools such as Black Duck, Burp Suite, Nessus, Twistlock, etc
• Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques
• In-depth knowledge of OWASP Top 10 and CWE 25, with proven track record and expertise in implementing and integrating remediation strategies
• Deep understanding of authentication protocols and frameworks.
• Experience with driving and implementing secure development practices into SDLC
• BS in Computer Science or equivalent work experience
• Background in cloud, host, network, or application security
• Experience in web application design, penetration testing, application risk assessment and risk categorization
• Experience from Telecom space a plus
• Demonstrated knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture.