Possesses deep technical/functional expertise and knowledge in software security (OWASP ASVS and OTG, at a minimum)
Utilizes security tools, utilities and processes (Burp Suite Pro, advanced knowledge)
Deeply experienced in manual software security analysis
Experienced in JavaEE and its security model
Experienced in Python security automation
Secure Software Architecture
Secure SDLC implementation experience
Cloud-native web application security
Docker and microservice security
Prior experience as a JavaEE developer
Variety of new knowledge sharing and training opportunities
Unique international working environment
Paid vacation and sick leave
Various social & team-building activities
Implementing EIS Secure Software Development Process:
Performs code review and white-box testing of web applications and their APIs
Reviews software architectures for secure design issues, providing a design review service to project teams
Integrates Application Security automation solutions into DevOps pipeline
Implements static code analysis customizations
Develops and employs application-specific security testing automation
Responds to technical security challenges and questions faced within EIS RnD
Communicates nature and impact of identified application security deficiencies as well as their potential solutions
Provides training to other teams on software security, including information from OWASP framework
EIS is an insurance software company that enables leading insurers to innovate and operate like a tech company: fast, simple, agile. Founded in 2008, EIS provides an open, flexible platform of core systems and digital solutions allowing insurers to accelerate and scale innovation, launch products faster, deliver new revenue channels, and create experiences the world will love. With thousands of APIs, the platform gives insurers the freedom to connect to a vast ecosystem of insurtech and emerging technologies. EIS powers premium growth for insurers in all lines of business worldwide. For more information visit EISGroup.com.
Our culture is focused on fostering development, engineering excellence, and building genuine connections-by recognizing each other’s strengths and sharing in successes. Fueled by creativity and ideation, we strive to constantly accelerate our growth and nurture future innovation to enhance business technology and deliver superior solutions. Being a great company to work for makes us a great company to work with.
Software Security Engineer position will enable us to perform in-depth technical application security analysis, identify and help remediate vulnerabilities before Advanced Persistent Threats do. This is a hands-on technical AppSec-focused role requiring significant prior experience specifically in web AppSec.
We are looking for smart, dynamic and intuitive people to join our growing team of technology professionals and industry experts.