Skip navigation

Security Engineer / Architect

  • Sofia, Bulgaria
  • hot
Job #: 45249
Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.

DESCRIPTION


EPAM is looking for an experienced Security Engineer / Architect with good communication skills to join our global team of IT professionals. A Security Engineer will be a part of the Information Security Team and will be responsible for assessing, designing, resolving and integrating security technology solutions. As a Security Architect you will be responsible for increasing Security Awareness among Project Teams and making products more robust and secure. You will work with the Development Teams, mentoring and driving them through the security baseline assessment and adopting Secure SDLC process.

Responsibilities

  • Detect and resolve security issues across whole assets of the company including databases, web applications, network devices, server, workstations, etc
  • Collaborate with Enterprise Architects, other functional area Architects and Security Specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
  • Serve as a Security Expert in application development, database design, network and/or platform (operating system) efforts, helping Project Teams comply with information security policies, industry regulations, and best practices
  • Contribute in building Secure Architecture and Design for the projects, perform Security Audits for ongoing projects: both Architecture and Implementation/Code Review
  • Work as a Security Advisor helping to establish secure development activities in SDLC end-to-end
  • Perform security trainings for Development Teams
  • Communicate with customers and teams, be able to convey the message about importance of security, the ways of establishing it and the wrong ways of enforcing it (e.g. do penetration testing before release)
  • Research, design and advocate new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners and vendors
  • Evaluate and develop secure solutions, based on approved security architectures. Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks
  • Develop and write standard documents as they pertain to architecture or security technology solutions

Requirements

  • Expert knowledge of security issues, techniques and implications across existing computer platforms (Windows, Unix, macOS) required
  • Knowledge of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP CLASP, etc.)
  • Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review
  • Deep understanding of the nature of Security threats and their classification
  • Knowledge of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS, etc.) and how they match the general classification
  • Understanding of main security principles, such as multi-layered protection (Defense in depth)
  • Understanding of main areas of protection (security, privacy, availability) and levels of defense (networking, infrastructure, operation system, application)
  • Understanding of mitigation mechanisms for every type of threats (e.g. validation, sanitizing, cryptographic operations, etc.)
  • Good knowledge of Security Features and Mechanisms provided by at least one Operation System (e.g. Windows, Linux, Android, iOS, etc.) and development platform/technologies (e.g. Java, .NET Framework, databases, etc.)
  • Familiar with existing Security Standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria, etc.) and what does it mean to implement compliance with them
  • Familiar with the tools for various security activities: Static Code Analysis, Penenetration testing, Intrusion Detection/Prevention, etc
  • Understanding of basic principles of Infrastructure security and Penetration testing
  • Ability to use the tools to perform actual attacks is a plus
  • Experience in SIEM (QRadar), DLP systems (Symantec, Office 365), building process and implementation systems from the ground up
  • Experience in Advanced Threat Protection (Cisco AMP, Symantec ATP), Antivirus systems (Symantec Endpoint Protection), building process and implementation systems from the ground up
  • Experience with MDM, EMM tools (MobileIron)
  • Experience with Endpoint Encryption solutions (MBAM, Symantec, Check Point)
  • Experience in web application scanners (Acunetix) and Continuous Vulnerability Management solutions (Nessus, Qualys)
  • Analyze, interpret and implement security hardening and best practice guidelines from reputable industry sources like Center for Internet Security (CIS), DISA and others

We offer

  • Personal development program that will allow you to be valued for your strengths
  • Wide range of professional trainings and workshops
  • Attractive salary, additional health and dental insurance as well as other social benefits
  • Broad projects variety and possible mobility between projects over the time
  • Experience exchange with colleagues around the world
  • Work-life balance and flexible schedule, team buildings and sport opportunities
  • Modern office in the Infinity Tower business center
  • If you are interested in this role please send your CV in English. All applications will be treated as strictly confidential
  • Only short-listed applicants will be contacted

Hello. How Can We Help You?

JOIN OUR TEAM
WFAONBOARDINGINDIA@epam.com

+91-40-47-979-900


Our Offices

  • Australia

  • China

    • Guangzhou

      Unit B01, 23/F,
      Yuexiuxinduhui Building,
      No. 236, 6th Zhongshan Road,
      Yuexiu District, Guangzhou,
      China 510180

      Map
    • 广州

      中国广州市越秀区
      中山六路236号
      越秀新都会大厦中座 23楼 B01室
      邮编510180

      地图
    • Shanghai

      Room B509, 5th Floor,
      48 Weihai Road,
      Huangpu District, Shanghai,
      China 200000

      Map
    • 上海

      上海市黄浦区
      威海路48号
      5楼B509室
      邮编200000

      地图
    • Shenzhen

      3/F, Block 5, Vision Shenzhen Business Park,
      9th Gaoxin South Road, 
      Shenzhen Hi-tech Industrial Park,
      Nanshan District, Shenzhen,
      Guangdong, China 518057

      Map
    • 深圳

      中国广东省深圳市
      南山区高新南九道
      威新软件园5号楼3楼
      邮编518057

      地图
    • Suzhou

      Building 12, Creative Industrial Park,
      328 Xinghu Street,
      Suzhou Industrial Park,
      Suzhou, China 215123

      Map
    • 苏州

      中国江苏省苏州市
      苏州工业园区星湖街328号
      创意产业园内12号楼
      邮编215123

      地图
  • Hong Kong

    • Hong Kong

      26F&17F, The Wellington Tower,
      198 Wellington Street,
      Central, HK

      Map
  • India

    • Bangalore

      Smartworks,  
      Global Technology Park,
      Block C, Outer Ring Rd,
      Adarsh Palm Retreat, Bellandur,
      Bengaluru, Karnataka 560103
      India

      Map
    • Hyderabad

      10, 11 & 12th Floors,
      Salarpuria Sattva Knowledge City,
      Plot No. 2, Phase - 1,
      Survey No. 83/1,
      Raidurgam Village,
      Serilingampally Mandal,
      Hyderabad, Telangana - 500081
      India

      Map
    • Pune

      SmartWork Business Center Pvt Ltd,
      Suite 8, Level 1,
      West Wing, Nyati Unitree,
      Samrat Ashok Road,
      Yerwada, Pune - 411006,
      Maharashtra
      India

      Map
  • Japan

    • Tokyo

      Floor 1-10-11
      Shibadaimon Centre Building 10th
      Shibadaimon Minato-ku
      Tokyo 105-0012
      Japan

      Map
      F: +81-03-6880-9201
  • Singapore

    • Singapore

      5 Shenton Way
      UIC Building, #10-01,
      Singapore (068808)

      Map
  • United Arab Emirates

    • Dubai

      EPAM Systems FZ-LLC Dubai Branch
      2307 Arenco Tower, Dubai Media City
      PO Box 501929 Dubai
      United Arab Emirates

      Map
  • Canada

    • Ottawa

      343 Preston Street,
      ON K1S 1N4, Ottawa
      Canada

      Map
    • Toronto

      5 Park Home Avenue,
      Suite 400,
      ON M2N 6L4, North York,
      Toronto
      Canada

      Map
      F: +1-416-595-1551
  • Mexico

    • Guadalajara

      Periférico Sur #8110,
      Col. El Mante
      45609 Tlaquepaque, Jalisco
      Mexico

      Map
  • United States

    • Newtown, PA

      41 University Drive,
      Suite 202,
      Newtown, PA 18940
      USA

      Map
      F: +1-267-759-8989
    • Bellevue, WA

      110 110th Ave. NE,
      Suite 310
      Bellevue, WA 98004
      USA

      Map
    • Boston, MA

      21 Drydock Avenue,
      Suite 410 W,
      Boston, MA 02210
      USA

      Map
    • Conshohocken, PA

      101 East 8th Ave,
      Suite 201,
      Conshohocken, PA 19428
      USA

      Map
    • Los Angeles, CA

      11601 Wilshire Blvd,
      Suite 350,
      Los Angeles, CA 90025
      USA

      Map
    • New York, NY

      24 West 25th Street,
      5th Floor,
      New York, NY 10010
      USA

      Map
      F: +1-267-759-8989
    • Philadelphia, PA

      30 South 15th Street,
      9th Floor,
      Philadelphia, PA 19102
      USA

      Map
    • San Francisco, CA

      222 Kearny Street,
      Suite 308,
      San Francisco, CA 94108
      USA

      Map
    • San Jose, CA

      2055 Gateway Place,
      Suite 510,
      San Jose, CA 95110
      USA

      Map
    • Washington D.C.

      7901 Jones Branch Drive,
      Suite 400,
      McLean, VA 22102
      USA

      Map