Back to listing

Security Engineer
Romania (Brasov, Iasi, Cluj-Napoca, Bucharest, Craiova, Timișoara), Moldova (Chisinau)

Date posted: 15.11.2023

Job type: Full time

Romania (Brasov, Iasi, Cluj-Napoca, Bucharest, Craiova, Timișoara), Moldova (Chisinau)

Remote work

Full time

Job perks: Continuous learning opportunities; Digital Transformation Projects

About the project

How we hire:

At Pentalog, excellence is what you'll do. We're guided by a mission to positively impact the software development world.

Pentalog is looking for a Security Engineer to help one of our clients stay in the lead. They are a top provider of software solutions in the market research sector. Together we strive to deliver high performance software that meets and exceeds customer requirements.

We are currently looking for a highly motivated and experienced Security Engineer to join our dynamic team. You will manage and improve the application portfolio and development standards while promoting an agile, performance-driven approach to software delivery. Your role will involve assisting in the design of database encryption strategies and establishing a secure key management process to improve data security and overall operational efficiency.
 

Job requirements

  • At least 5+ years of general information technology experience;
  • Minimum 3 years of information security experience, ideally aligned with application development and secure coding processes;
  • Knowledge of best practices and standards such as the ISO/IEC 27000 series, OWASP and CIS benchmarks;
  • Working knowledge of data privacy/protection and familiarity with GDPR compliance;
  • Deep understanding of automated quality assurance code review tools and technologies;
  • Commitment to a risk-based approach to defining and maintaining security objectives, policies, procedures and action plans;
  • Passion for knowledge sharing, including educating colleagues on security best practices through technical demonstrations and concrete examples;
  • Willingness to thrive in a challenging technical environment involving technologies such as GCP, on-prem Windows, RabbitMQ, Jenkins, Docker, Kubernetes, Terraform, Octopus Deploy, etc.;
  • Degree, ideally in Computer Science or Business;
  • Excellent verbal and written communication skills in English.
     

Responsibilities

  • Collaborate with accreditation and certification experts to help achieve ISO27001 certification, specifically for the application development lifecycle;
  • Participate in the design of software and system architectures that incorporate intrinsic information security, privacy controls and best practices;
  • Engage with key stakeholders, both technical and business, regarding privacy and information security controls;
  • Initiate and manage information security projects to ensure that it complies with contractual, legal and regulatory requirements and information security best practice;
  • Continuously define, assess and monitor information security controls throughout the software development lifecycle;
  • Perform and coordinate vulnerability assessments and analyses;
  • Embed a pragmatic security framework, aligned with the security policies and principles, into an enterprise development methodology to securely deploy and scale cloud-native applications;
  • Train and mentor Developer/Ops team in the implementation of industrial-strength security best practices;
  • Perform security assessments and security reviews of third-party vendors involved in the overall development programme;
  • Review various documents (including MSAs, statements of work, client/supplier contracts, RFPs, etc.) from an information security compliance perspective related to the development programme;
  • Perform static and inline code reviews using automated quality assurance code review tools;
  • Perform threat modelling of the application portfolio architecture.
     

Benefits

  • English and French language classes; 
  • Competitive salary and bonuses; 
  • Free pass to learning platforms; 
  • A multicultural, friendly work environment; 
  • Working in a company with an Agile mindset: continuous knowledge sharing and validated learning; 
  • The possibility to bring your own creative and innovative ideas to life; 
  • Mentorship programs that encourage and enable your professional development; 
  • Private Health Insurance and meal tickets; 
  • Improvement of your hard and soft skills through workshops, knowledge sharing sessions and presentations on multiple IT-related topics. 
     

About Pentalog

As a leading European Software Services company operating internationally in France, Romania, Germany, Moldova, UK, Vietnam, Mexico, Morocco and USA, we employ over 1,300 engineers and IT experts who work in a very dynamic, multicultural working environment.

At Pentalog, your talents & ambitions are recognized and rewarded; we offer plenty of opportunities to develop, both individually, as well as a professional, and we reward our collaborators who understand the importance of self-improvement.

Super humans