Careers - Sri Lanka

Engineering Team

Associate Technical Lead - Platform Security

Careers > Sri Lanka
Location: Colombo

The Platform Security Team at WSO2 works towards continuously improving the security posture of our products and services and to promote a security culture within the organization.

We have a vacancy for an Associate Technical Lead who is a competent software engineering professional with lots of enthusiasm for the application security domain.

Responsibilities

  • Build processes to ensure a security-focused SDLC, and ultimately, vulnerability free products and services.
  • Automate security processes to increase the efficiency of the SDLC.
  • Provide technical guidance on the development of new security tools, improvement and adoption of existing open source tools, and integrations with external tools.
  • Attend in-design and code review meetings of engineering teams to provide the security insight and thereby ensure early identification of vulnerabilities.
  • Conduct research on new technologies and methodologies related to application security and the latest vulnerabilities and attacks.
  • Evangelize the security knowledge across engineering teams by preparing best practices guidelines and training them.
  • Provide guidance and assistance to engineering teams to handle security incidents and other security-related tasks.
  • Participate in security-related conferences like OWASP AppSec and BlackHat and present our research and development work to the wider security community.
  • Work with external security researchers on the responsible disclosure of vulnerabilities.

Requirements

  • Passionate about the application security domain and building a career in it.
  • Knowledgeable in computer security principles and practices.
  • Strong professional software engineering background with a minimum of 4 years of experience in application development.
  • Possess excellent leadership and collaboration skills to work with different engineering teams and help drive the security vision at WSO2.
  • Renowned security certifications like OSCP and CISSP are an added advantage.

Benefits

  • Opportunity to define security goals and processes that touch every phase of the SDLC.
  • Contribute to the feature developments in open source security projects.
  • Build a personal brand by publishing papers and presenting in security conferences and meetups.
  • Work closely with engineering teams that are specialized in various domains and learn about the security considerations in them.
  • Work with customers, vendors, and external researchers on security-related matters.