Dec 10, 2021

Security Engineer

  • Swissquote
  • Gland, Switzerland
Full time Information Security Network Engineer

Job Description

As a Security Engineer, you will work with cross-functional teams on the next projects and products that will make our success. You will play a key role in the field of security engineering by integrating and automating security tools in a CI/CD pipeline. You will also implement automated security testing at scale to measure vulnerability, and report on risk across all microservice, web and mobile platforms. Together with the other members of the IT Security team, you will drive and define the production security roadmap in cooperation with Software Engineering, IT and Management.

We are looking to build bridges about security between IT and Development and to find people motivated to take the lead in application security. If this is something that sounds great for you, then we look forward to hearing from you.

Main Responsibilities

With technical teams

  • Organize and follow up on external Pen Test
  • Develop internal Pen Test and Security Testing capabilities in collaboration with Developments & Operations Teams
  • Assist in creation of security training forTechnical Teams on Security Best Practice in the area of development & web technologies
  • help development team integrate application security in standard development workflow and constantly improve the level of security, by developing initiative such as bug bounty programs.

  • Contribute to the design of WAF rules & IOC

With Product organisation

  • Support product manager and product organization in the elaboration of technical solution
  • Support and consult with product and development teams in the area of application security.

With IT Security team

  • Contribute to the development and implementation of intenal strategies, policies and control framework
  • Work with other member of the team on IT security initiatives and contribute to drive our cyber resilience maturity

Qualifications

  • Bachelor or Master in Computer Science or similar
  • Experience with OWASP, static/dynamic analysis
  • Strong experience of vulnerability scanning solutions, both commercial and open-source (metasploit, ZapProxy, Nikto & OWASP tools).
  • Familiarity with security controls, and common security flaws.
  • Very good knowledge web related protocols and security features (such as TCP/IP, UDP, HTTP, HTTPS, TLS, CSP, etc..).
  • Experience in implementing security processes in Agile environments
  • Understanding of Java & Webdev languages and tools
  • Experience in writing and maintaining security policies and procedures
  • Experience in providing security training to developers

Soft skills

  • Very strong analysis skills
  • Ability to collaborate with developers on advanced technical topics
  • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
  • Basic knowledge of French is a plus
  • Ability of provide business oriented solution
  • Ability of work independently and to be a good team player
  • Minimum 5 years in a previous position in the IT field

Additional Information

A BANK THAT DOESN'T LOOK LIKE ONE
Located near Geneva and the lake, our Headquarters gathers 600 of our employees: young (34 years old average), multicultural (50 nationalities) and wearing what suits them best. You will find a friendly atmosphere in an open and inclusive environment. Spacious offices, home-office policy, outdoor terrace, sports clubs and even... a real Pub for after-work moments.

Make your move in a challenging environment that offers you an exciting opportunity to boost your career and develop solid banking and financial business expertise.