Senior Software Security Engineer

Job Description

KONE Cybersecurity is an organization of experts responsible for developing and managing cybersecurity in KONE operations globally. We are looking for Senior Software Engineer at Pune. Are you an experienced application security professional and enthusiastic to improve application security? Our team is waiting for you to come and improve our Application security solutions that serve our over thousand applications globally in over 60 countries! If multicultural environments, challenges in high availability services, DevOps and Security is within your path of interests and development, please keep reading! Our mission in IT related to application security is to ensure that KONE customer facing as well as internal applications are built securely and that they are constantly being monitored for security compliance. On top of the process and technical controls, we also help our developers and partners to improve their security practices and guide them in becoming better in security. The platforms and services that are in scope of our application security are: Main Responsibilities -Collaboration with Application Owners as well as with Security and Compliances teams to capture their Application security needs. -Designing and implementing the application security services, ensuring its fit to business requirements, and conformity with KONE IT guidelines and architecture principles. -Contributing to the On-Going and Up-Coming projects within the responsibility area -Explore and coordinate improvements to the DevOps and Agile working model with Azure DevOps, Jenkins and GitHub both with cloud and on-premises applications regarding their automated application security testing as part of CI/CD pipelines or as part manual development processes. -Co-operating with different teams to enable cross-innovations in different areas of application security. -Compiling, reviewing and maintaining the required documentation for the application security services. We Expect You To Have -Very good understanding and experience in application security as well as the related services in an international context. -Working knowledge of code analysis tools, e.g. Coverity, Black Duck Hub, etc. - Working knowledge of application security evaluation with fuzzing tools - Experience with typical DAST vulnerability assessment scanning tools