Description
About the role
EPAM is looking for an experienced Application Security Engineer to ensure the architectonic safety of our digital portfolio. You will work hand-in-hand with our Security Architect to implement secure coding guidelines, conduct thorough code reviews, and facilitate threat modeling in the medical product development lifecycle.
Stay ahead of industry trends while experiencing continuous learning and career development in a dynamic and collaborative work environment. Youll have the unique opportunity to participate in the product development lifecycle of advanced medical applications, all while wielding the latest technology advancements in the security field.
Responsibilities
1. Driving Security Architecture & Solutions in collaboration with the Security Architect for our core digital portfolio and future products
2. Conduct extensive Threat Modeling and analyze weaknesses within the system
3. Work hand-on-hands with Security Architecture embedded Security-by-Design and Threat Modeling practices into the product development cycle
4. Implement secure coding practices and provide secure libraries, ensuring the software is safeguarded at a foundational level
5. Provide guidance on secure coding practices and conduct thorough code reviews, guiding the development team in addressing potential security issues
6. Define global security models across core business verticals, ensuring secure integration with backend systems
7. Develop appropriate technical and organizational security controls to mitigate identified risks, including encryption, access controls, and authentication mechanisms
8. Execute Security-By-Design principles and contribute to driving Product Security Excellence
9. Conduct security awareness training for employees developing, deploying, and maintaining medical devices
Requirements
10. Bachelors Degree in Computer Science, Cybersecurity OR equivalent experience
11. 5+ years of experience in Application Security, preferably in the medical or healthcare sector
12. Relevant certifications such as Certified Application Security Engineer (CASE) or similar would be highly advantageous
13. Expertise in secure coding practices and in-depth knowledge of at least one programming languages, including but not limited to .NET, Python, and JavaScript
14. Familiarity with threat modeling methodologies and tools such as STRIDE, DREAD, or Attack Trees
15. Advanced interpersonal skills with the ability to articulate complex technical concepts to non-technical personnel and conduct effective security awareness training
16. Expertise with common security libraries, security controls, and common security flaws
17. Security Knowledge: Solid understanding of network access, identity, access management, applied cryptography, network security methodologies, and secure software development methodologies
18. Knowledge and experience identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
19. Deep expertise with more than one of the following areas: API security Cryptography Identity and Access Management Application Security practices
We Offer
20. A competitive group pension plan and protection benefits including life assurance, income protection and critical illness cover
21. Private medical insurance and dental care
22. Cyclescheme, Techscheme and season ticket loans
23. Employee assistance program
24. Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more
25. EPAM Employee Stock Purchase Plan (ESPP)
26. Various perks such as gym discounts, free Wednesday lunch in-office, on-site massages and regular social events
27. Certain benefits and perks may be subject to eligibility requirements and may be available only after you have passed your probationary period
About EPAM
28. EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential