Principal Security Engineer - Platform

Why SoftwareOne?

Strip away everything. Strip away our brand, strip away our buildings, strip away our offices. What are we left with? Our people. This is what makes SoftwareOne successful.

Passionate people who live and breathe our values every day, who delight our customers, and who go above and beyond. Our culture is unique, and I believe that having the right people, and empowering them to succeed, is the absolute key to our success.

Patrick Winter, Founder.

SoftwareOne is an equal opportunity employer. With employee satisfaction as one of our core values, we are passionate about diversity and are committed to creating an inclusive environment for all of our employees. We want every employee to have the greatest experience of their career.

SoftwareOne is looking for an experienced Principal Security Engineer who possesses a blend of technical expertise, strong communication skills, and knowledge of the compliance process.

SoftwareOne's Marketplace Platform is a digital two-sided business automation platform for client engagement and vendor interaction. It provides a streamlined experience for clients to access, purchase, and manage various software products and services. As we continue to expand and enhance our offerings, we are committed to ensuring the highest level of security for our users.

The Principal Security Engineer will lead our efforts in establishing a robust security framework.

• Develop and implement a comprehensive security strategy for our marketplace platform.
• Introduce and apply security best practices across the development lifecycle.
• Work closely with development teams to integrate security into the design and development of new features and functionalities, creating fun ways to spread technical security awareness throughout the engineering department.
• Provide training and guidance to development and product teams on secure coding practices and threat modeling.
• Conduct penetration testing to identify security vulnerabilities on our production or staged applications.
• Take ownership and responsibility of security audits, remediations, and compensating controls.
• Collaborate with the compliance and privacy teams to ensure compliance with industry best practices and standards.
• Play a leadership role during any security events by evangelizing and conducting the right behaviors to achieve best outcomes.

• Proven in-depth experience of cyber security in a SaaS product environment.
• A hands-on engineer, who can implement security solutions and identify risks.
• Experience working with engineering teams to evangelize and improve security practices.
• Implemented security policies and solutions via code.
• Cloud experience - Azure is preferred, although a very strong candidate with significant AWS experience will be considered.
• An effective and patient communicator, willing to devote extensive time towards teaching and advocacy in an engineering organization.
• Able to navigate compliance processes, interfacing with the SoftwareOne CISO office, working with external consultants, and communicating with customers.
• Able to intuitively solve highly complex problems.
• Able to pragmatically prioritize and work calmly and effectively under pressure.
• Recent experience of working on a green or blue team is an advantage.
• Fluent English language capability.

Marketplace Platform

SoftwareOne welcomes applicants from all backgrounds and abilities to apply. If you require reasonable adjustments at any point during the recruitment process, email us. Please include the role for which you are applying and your country location. Someone from our organization that is not part of the decision-making process will be in touch to discuss your specific needs, and we will make every effort to accommodate you.

At SoftwareOne, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.