Do you want to join us in our efforts to digitize Norway and affect the everyday life of a large number of people? We are building a modern ERP and HRM solution for the Norwegian public market, and we are looking for a Security Engineer to help us make this product a success.
You will be working with some of the best domain experts in Norway, in an organization in strong growth where SaaS and cloud are a major part of the strategy. And you will be a vital contributor in our efforts to modernize one of Norway's largest software successes.
Our current technology stack consists of technologies like Java8, Spring, Hibernate, MSSQL, Oracle, Apache Wicket, Tomcat, Git, JUnit, Mockito and Selenium. You will have time to learn if you can’t cover all of these today,
As our Security Engineer, you will be the person with expert knowledge on our and the relevant non-functional requirements, . security and privacy requirements. You will work closely together with, and support, the Service Owner, the Service Architect, and other team members in our efforts to maintain a secure solution. You will also ensure compliance against the security program and participate in the continuous improvement of this program.
* Gather and document security and privacy requirements:
* Defined by Visma Group/Division/Legal company in . security and privacy policies and guidelines
* Service/contract specific
* Define security monitoring requirements to verify fulfillment of non-functional requirements
* Ensure that Visma corporate privacy and security requirements, as well as service specific / contractual non-functional requirements are part of the service backlog.
* Ensure that non-functional controls are considered and documented together with the Service Architect. Non-functional controls includes:
* Identity and access management, including authorization
* Log management for security
* Transport and storage security
* Data classification
* Privacy per design
We would like that you have:
* Master's or bachelor's degree in computer science with good academic results
* A passion for DevOps and DevOpsSec
* Experience with setting up and maintaining a continuous delivery pipeline (DevOps)
* Knowledge of, and practical experience with different public cloud vendors
* Experience with, or interest in, securing cloud services
* Knowledge in, or interest in, application, test and IT security in DevOps (DevOpsSec)
* Experience with, or interest in, how non-functional requirements can be implemented and verified in application development and operation
* Knowledge about agile Security Development Lifecycle (SDL) methodology
* Wants to have the chance to evaluate and integrate new security tools and technologies
* Troubleshooting skills
* Basic programming/scripting experience. . in .Net, Java and PowerShell
* Basic knowledge of Windows and Linux operating systems and their security features
What we offer you:
* An exciting position in an international working environment
* Work in a agile international teams using Scrum and modern collaboration tools for working in a distributed development team.
* A creative working environment with the latest technologies and tools
* Good opportunities for career development in a large international company
* Competitive terms and conditions
* Possibilities to learn new stuff and get support from your colleagues
* Company holiday apartments in Spain and France
* Attractive salary and benefits package (13th salary, medical insurance, pension PIII, meal tickets, sport plan)
* Coffee and cake :)