Cedacri is part of ION Group, a community of visionary innovators dedicated to providing pioneering software and consultancy services to financial institutions, trading firms, central banks, governments, and corporations around the world. We strive to simplify the way people work. We do that by providing workflow and process automation software, as well as real-time data and business intelligence to help people make better decisions. We are 13,000+ employees, 60+ global offices, and 4,800+ customers worldwide.
To strengthen the Security team, we are looking for brilliant professionals with proven experience in complex environments, preferably banking/finance, to join the application security team. The ideal candidate will experience a dynamic, fast-paced and innovative environment, and will contribute to defining and implementing the best security solution.
Your duties and responsibilities
· Help define consistent Secure Software Development Lifecycle practices for all projects throughout the planning and delivery cycles, ensuring that application security risks are mitigated to an appropriate level.
· Ensure end-to-end security of products through hands-on testing, hypothesizing threats, and helping development teams remediate risks upfront.
· Improve secure coding practices, application security requirements, automation, training, and metrics
· Integrate threat modeling practices into the Software Development Lifecycle
· Help build secure products and standards around emerging technologies, using existing standards and security practices
· Develop and optimize processes to improve software development efficiency in the consumption of security development practices
· Maintain active understanding of industry practices for secure software development
We might ask you to perform other tasks and duties as your role expands.
Your skills, experience, and qualifications required
• Degree in computer science/science
• Minimum 5 years of experience in penetration testing/vulnerability management
• Strong relational and people management skills
• OS (Windows / Linux, specifically Red Hat) and Microsoft Office Suite
• Scripting solutions (PowerShell / Bash / Python etc.) for support and troubleshooting
• Strong understanding of OWASP Top 10 and similar application security methodologies
• Strong understanding of cryptography and SSL certificate lifecycle management
• Experience with security tools including static code analysis and vulnerability scanning
• Strong understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
• Well versed in application design, penetration testing, application risk assessment and risk categorization
• Well versed (experience preferred) in driving and implementing secure development practices into the SDLC (SSDLC); ability to successfully integrate security into a developer’s world
• Platform experience, e.g. Linux, Red Hat, CentOS or similar
• Experience with agile software development practices and methodologies
• C1 English level knowledge
What we offer:
Permanent employment contract
Assago (MI), Collecchio (PR), Roma, Verona
In accordance with Italian law (L. 68/99), please note that candidates from the disability list will be given priority.