Senior Security Product Engineer

 

At adidas, our love for sport drives who we are and what we do. But just as a ball is more than leather and thread, and a show more than padding and plastic, we are bigger than our products. We don't just work to create faster shoes and lighter fabrics. We strive to help athletes everywhere perform their best. We believe that it's hard work inventing the future of sport, and that's why we love it; that when you push your limits, you make it possible for others to push theirs.

We believe that through Sport, we have the power to change lives.

To change lives, we have to create direct relationships with consumers and the best way to accelerate building direct relationships is through Digital. 

Senior Security Product Engineer  

 

Purpose:

The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

 

Key Responsibilities: Information security

  • Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Discuss and implement the fix of the vulnerabilities that are in the Product.
  • Oversees and coordinates Application Security Services in the Product.
  • Implement and tune Application Security Stages in CI/CD pipelines.
  • Coordinates Penetrations tests in the Product.
  • Provides Information Security Consultancy in the Product.
  • Triage registered vulnerabilities eliminate False Positives and facilitate the mitigation process.
  • Conduct Manual security code reviews on Demand
  • Analyze and plan the field of Security trainings in the Product.
  • Evaluate and adopt new technologies.
  • Invest time in coaching teammates on InfoSec mindset.
  • Lead technical discussions with technical and non-technical stakeholders, and take responsibility for making decisions that balance long- and short-term objectives

 

 

WHAT YOU CAN EXPECT 

  • You will bring your ideas to life in a buzzing environment of highly engaged, multinational agile teams, who at their core build game-changing software products. Right there with you! 
  • You will focus on building secure applications
  • You will understand the full Secure SDLC process
  • You will work on the pipelines to implement Global Infosec Standards
  • You will work hands on with static and dynamic security scanners.
  • You will perform code reviews for critical code change to ensure code quality and security standards  
  • You will fix confirmed vulnerabilities in alignment with the product teams
  • You will engage with key stakeholders (Devops teams, product owners, Product leads)  
  • You will transfer the technical depth Information Security and Devops Teams
  • You will consult and coordinate Information Security related consultancies in the product.
  • You will coordinate Penetration tests in the product and support mitigations.
  • You will understand your product and its area with all it’s integrations
  • You will be continuously learning the latest tech from internal trainings, experienced colleagues, conferences, and trainings
  • You will attend Scrum ceremonies, including daily stand ups, refinements and retrospectives 
  • You will follow existing release process to enable developed features in live systems  
  • You will ensure team code is compliant with code quality and standards  

 

 

WHAT WE ARE LOOKING FOR 

  • 7+ Years of experience in development.
  • Experience in Information Security is a big Plus.
  • Experience with Security Scanners is a big plus.
  • Striving towards Secure development.
  • Will to train and improve in Application security
  • Strong CI/CD experience with Jenkins
  • Strong experience in, Java
  • Nice to have Node.js, TypeScript
  • Nice to have Redis, Postgres experience
  • Strong experience with dockers/Kubernetes
  • Experience with continuous integration (toolset) and cloud platforms is a big plus
  • Motivation to never stop learning in Cyber Security.
  • Strong interpersonal and communication skills. Fluent in English. 
  • Strong interpersonal and communication skills. Fluent in English. 
  • College or university degree with focus on IT or equivalent. 

 

THOSE ARE YOUR TECHNOLOGIES 

  • Market leader static code scanners
  • Market leader Dynamic Web app scanners
  • Languages: java, node.js , typescript
  • Java Reactive webflux
  • Container Orchestration: Kubernetes, Docker 
  • CI/CD: Jenkins
  • Cloud platforms: AWS 
  • Agile Methodologies: Scrum/Kanban 

 

WHAT IF I DON’T CHECK ALL THE BOXES?

Not a problem. At adidas, we’re keen to increase our team’s diversity of backgrounds and skills, and we’re more interested in the work you will produce than that work you’ve already produced in the past. If you’d love to work with us, then we’d love to hear from you

 

 WHAT WE WANT TO OFFER 

You will be part of a strategic program for adidas with a lot of opportunities to grow and reach your goals. Together and individually, we will fuel consumer obsession through latest technology. You will be working in a flexible and family friendly environment with open culture. 

adidas celebrates diversity, supports inclusiveness and encourages individual expression in our workplace. We do not tolerate the harassment or discrimination toward any of our applicants or employees. We are an Equal Opportunity Employer.

Job Title:  Senior Security Product Engineer

Brand:  adidas
Location:  Zaragoza
TEAM:  Information Technology
State:  Z
Country/Region:  ES
Contract Type:  Full time
Number:  443988
Date:  Jun 26, 2022