Security Lead Officer
Master of Code Global is specializing in AI-powered conversational experiences and apps & web development. Founded in 2004, we are a US company with development centers in Ukraine (Cherkasy and Kyiv) and Canada (Winnipeg). For over 3 years, we have been working in the sphere of Conversational Applications, we also have our E-commerce product for Shopify platform as well as develop Web & Mobile domain. We were the first in the world, who succeeded to integrate Apple Pay into Apple Business Chat.
Now we’re looking for Security Lead Officer having the background and experience in software security field, to help implement software security strategy, focused on leading Security Architecture and DevSecOps for Ukraine based Client’s DOEC.
You will be a focal point for Client’s Security team (Israel based) responsible for the overall security in the DOEC office in Ukraine.
The Security team is responsible for development and implementation of controls for protecting Client Company assets, meeting strict customer requirements and international security standards as well as proactively developing risk mitigation programs.
Required background and skills
8+ years of experience in the Software development and engineering field
High experience in one or more of the following programming languages: Java and NodeJS/JS.
High communication skills, work experience in global companies and a desire to function in a team-based environment
BSC degree in Computer Science, a related field or equivalent experience
Preferred/Nice to have skills
Experience in public Cloud, Docker and K8S architectures
Experience in leading Secure Development LifeCycle, threat modeling, penetration testing and in using and analyzing findings of Static Code Analysis and Open Source Analysis tools.
Ability to detect, explain, remedy and validate software security issues such as OWASP top 10 vulnerabilities.
Experience with ISO 27001 and other certifications like SOC 2+, Hitrust, PCI.
Security certifications such as CISSP, CSSLP, CEH, GIAC, and GSSP-JAVA.
Act as the single leadership point of contact for security strategy and security product architecture at MOC DOEC.
Ensure consistency and standardization in software security, compliance, certification, IT policies, network configuration mechanisms for Client’s DOEC.
Report and triage vulnerabilities, provide metrics, track, plan, and ensure timely remediation of open issues.
Participate in product requirements and design review meetings, review product design documents, provide security requirements and identify potential security threats in the design.
Provide practical security best practices, perform manual code review for major security features and implement automatic security tools (SAST, DAST, etc.) into the CI/CD processes
Coordinate risk assessment and penetration test activities.
Manage and supervise security related topics
The role reports directly to the Client’s Head of Cyber Resilience (Israel based) and MOC’s Chief Technical Officer.
Have got some time left?)
You could devote it to your favorite activity or read about us on our social networks.