Careers - Sri Lanka
Senior Software Engineer - Platform Security
The Platform Security Team at WSO2 works towards continuously improving the security posture of our products and services and to promote a security culture within the organization.
We have a vacancy for a Senior Software Engineer who is a competent software engineering professional with great enthusiasm for the application security domain.
- Build processes to ensure a security-focused SDLC, and ultimately, vulnerability free products and services.
- Automate security processes to increase the efficiency of the SDLC.
- Development of new security tools, improvement and adoption of existing open source tools, and integrations with external tools.
- Attending in-design and code reviews of engineering teams to provide the security insight and thereby ensure early identification of vulnerabilities.
- Conduct research on new technologies and methodologies related to application security and the latest vulnerabilities and attacks.
- Evangelize the security knowledge across the engineering teams by preparing best practices guidelines and training them.
- Provide guidance and assistance to engineering teams to handle security incidents and other security-related tasks.
- Participate in security-related conferences like OWASP AppSec and BlackHat and present our research and development work to the wider security community.
- Work with external security researchers on the responsible disclosure of vulnerabilities.
- Passionate about the application security domain and building a career in it.
- Knowledgeable in computer security principles and practices.
- Strong professional software engineering background with a minimum of 3 years of experience in application development.
- Renowned security certifications like OSCP and CISSP are an added advantage.
- Opportunity to define security goals and processes that touch every phase of the SDLC.
- Contribute to the feature developments in open source security projects.
- Build a personal brand by publishing papers and presenting in security conferences and meetups.
- Work closely with engineering teams that specialize in various domains and learn about the security considerations in them.
- Work with customers, vendors, and external researchers on security-related matters.