JobsPortal logo

Search Jobs In Finland

Software Security Lead

Published date more than one year ago
Posted: more than one year ago
Company F-Secure
Company: F-Secure
End date Aug. 9, 2021
Due date: Aug. 9, 2021
Location Oulu, Helsinki
Location: Oulu, Helsinki

The Software Security Lead acts as a steward for the adoption of F-Secure's internal Lifecycle Security Policy across the F-Secure R&D and ICT management and tracks compliance to the policy. Software security and security in software development play crucial roles in F-Secure's commercial success and are right at the heart of what our customers expect of us.

The position of Software Security Lead belongs to CISO Office, which is our internal cyber security resource serving the global F-Secure organization. CISO Office leads company-wide security initiatives and oversees security work. As a Software Security Lead, you will join a highly skilled multi-disciplinary team of technical and management system security professionals, all working towards the same goal: building trust.

Key Responsibilities

As a Software Security Lead you will build our roadmap for software security which will improve our secure software development practices, promote security as a crucial part of a healthy SDLC process, and support F-Secure's software security architecture management. You have the best visibility to the state and direction of our secure development practices and can influence it from the inside.

You help development teams align their practices by facilitating threat modelling sessions, design reviews and by scoping technical security assessments. You are the teams' dependable source for guidance on secure design choices, you help organize trainings and coach R&D teams and individuals in the execution of the mandatory and promoted activities. You are a leading member of our Product Security Incident Response capability (PSIRT) and contribute to the functioning of our bug bounty programs.

What are we looking for?

You have good understanding on the basics of information security technology and internetworking.

You have gained experience in working as part of an agile software development team and understand how modern software development takes place on a grand scale.

You have experience in security research, and know how bug bounties and vulnerability coordination works behind the scenes.

You need to know how to code, but.. In this role, you will be mostly reading and commenting code written by others. It helps if you can quickly context switch between projects that focus on mobile clients, microservices, machine learning and cryptographic protocols without becoming disoriented. Security needs come in different shapes and forms, but they all deserve insightful look.

What will you get from us

This is your chance to work in a diverse team whose other responsibilities include security incident response and threat hunting, running a mature security management system, cyber security risk management, privacy and business continuity management. We never grow tired of learning!

You'll get a ringside view to what cyber security software is made of, and how it is turned into secure and reliable products. Most importantly, you have a perpetual license to engage with the people who make it happen, to ask the so-called stupid questions and offer suggestions for improvement that contribute to our common success.