Senior Cloud Application Security Engineer
Senior Cloud Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Senior Cloud Application Security Engineer
Location: Warsaw (Hybrid) or Anywhere from Poland (Remote)
Sportradar is the leading global provider of sports data and entertainment products and services. Since 2001 we have occupied a unique position at the intersection of the sports media and betting industries; providing sports federations news media consumer platforms and sports betting operators with a range of solutions to help grow their business.
The Information Security group provides services to ensure confidentiality integrity and availability of information and systems owned by Sportradar and its subsidiaries.
The Product Security unit within Information Security works primary with the Engineering group to ensure that the products & services developed by its Tribes are SecurebyDesign and remain SecureinProduction. This includes coaching developers on secure development practices building products for our cloud environment that help developers prevent vulnerabilities and misconfigurations arising over time and managing the attack surface so that engineers can focus their remediation efforts on the highest criticality vulnerabilities specific to Sportradars risk profile. We also run an external BugBounty programme for inscope applications as well as a Security Champions community across Sportradar.
ROLE OVERVIEW:
The Senior Cloud Application Security Development professional will be part of the Secure Software Development team within Product Security dedicated to fixing identified applicationlevel vulnerabilities whilst coaching Tribe members in secure development practices. The successful candidate will work in a consultative capacity across multiple tribes so should be comfortable in dipping in to help solve different problems with different teams nationalities and locations. Excellent technical interpersonal and communications skills are key to this role.
In addition to working with Tribes the successful candidate should also be comfortable in developing tools and utilities to improve the security of cloud resources whilst not hindering developer productivity.
The role will report into the Senior Manager Product Security and will be part of a multidisciplinary team of developers with experience in Secure Software Development (SSD) and Attack Surface Management (ASM) to deliver initiatives and guiding principles that will help identify and mitigate vulnerabilities within the products that Sportradar develops. The Senior Cloud Application Security Development professional will also work closely with 3rd parties (e.g. Bug Bounty programme) as well as other teams within the wider Security group (e.g. GRC SOC etc.).
THE CHALLENGE:
- Respond to identified vulnerabilities in our applications and cloud environments without jeopardizing product roadmap.
- Evangelize and coach engineers on secure design & development practices through threat modelling and help remediate findings through pairprogramming sessions.
- Cross pollination of secure development techniques and best practices across engineering tribes.
- Collaborate across both SSD and ASM teams in Product Security to ensure unit initiatives are successfully delivered.
- Be onhand to assist colleagues as part of our incident response process should this be required.
YOUR PROFILE:
Personal Requirements:
- You get excited by challenges and have a positive cando attitude in working with different teams locations and technologies to achieve the best outcome.
- You are interested in cloud and application security and thrive on having multiple problems to solve together with a continuous learning mindset.
- You enjoy diving in and figuring the crux of a problem quickly and helping provide a pragmatic solution to the team whilst efficiently communicating the outcome to techies and managers alike.
- You are comfortable with mentoring others and taking a lead role for an initiative to help deliver the intended outcomes.
Professional Requirements:
- Degree in software development or other relevant experience.
- 10 years of experience as a software developer or DevOps professional.
- Ability to manage prioritize remediate vulnerabilities like those on the OWASP Top10 list.
- Excellent knowledge in at least one of the objectorientated programming languages like Java .NET and scripting languages like Python JavaScript etc.
- Experience with AWS cloud services especially their security products.
- Experience with modern technologies like Kubernetes Protobuf gRPC and GraphQL.
- Experience with automated deployments and containerized application management.
- Experience with message brokers (e.g. Kafka) and relational databases (e.g. MySQL.
- A keen interest in continuous professional learning across software engineering cloud and application security domains.
- Working in agile development teams in a fastpaced environment.
- Excellent interpersonal and communication skills with fluency in English (written & spoken).
- Ability to take a lead role in the team supervising and/or mentoring others.
Desirable requirements:
- Cloudnative development and/or experience with other public & hybrid cloud services (GCP OCI etc).
- Handson experience with Cloud & Software Security and DevSecOps tooling such as CNAPP SAST and SCA.
- Experience with maintaining largescale and faulttolerant distributed systems in production.
- Experience with testdriven development.
OUR OFFER:
- The opportunity to work and develop within an inspiring and fastgrowing company with different teams working on different products in different locations.
- The possibility to directly contribute to the security of products used by our clients in the global sports business.
- Consultative role with multiple teams across different geographies and product lines where no one problem is the same.
- A collaborative environment with colleagues from all over the world (engineering offices across Europe in Asia and the US).
- Competitive salary and benefits (e.g. retirement pension and insurance plan).
Additional Information :
At Sportradar we celebrate our diverse group of hardworking employees. Sportradar is committed to ensuring equal access to its programs facilities and employment opportunities. All qualified applicants will receive consideration for employment without regard to age race color religion sex sexual orientation gender identity national origin disability or status as a protected veteran. We encourage you to apply even if you only meet most of the requirements (but not 100% of the listed criteria) we believe skills evolve over time. If youre willing to learn and grow with us we invite you to join our team!
Remote Work :
Yes
Employment Type :
Fulltime
Employment Type
Remote
