Help lead the software security program at Episerver- ensure that security is baked in to everything we build at every step of the software development lifecycle
Maintain our software security awareness program and ensure 100% of engineers stay informed annually of top security risks and best practices
Create security policy, standards, procedures and guidelines for engineering
Perform security reviews of Product Designs, and Technical designs
Measure and grow security maturity across the business
Assist in the triage of security issues and provide recommended fixes
Work across teams to facilitate independent security assessments and penetration tests
Evaluate new tools, processes, and frameworks; Drive adoption of the best ones
Maintain a high level view of security posture, and gaps with a focus on driving down risk in critical areas.
Software engineering, or cloud engineering background at a SaaS company. You may not be coding often, but you will need to be comfortable reviewing and discussing code with a diverse set of engineers
Familiarity with cloud security, particularly AWS and Azure Security concepts. You will be collaborating with the Reliability Engineering organization to bake AWS, Azure and GCP security best practices into our infrastructure.
Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response. You will act as the Security Partner for one or more Engineering teams to facilitate these practices.
Able to influence without authority and have excellent teamwork skills
Exceptionally clear communication skills- you'll need to communicate effectively and build relationships with all levels and roles at Episerver
Worked in a fast growth startup environment
Implementing software security programs like the Security Development Lifecycle at a SaaS company
Must be proficient in at least one language such as Python, Java, or Golang
An understanding of common application security problem spaces, and frameworks to mitigate or remediate
Thorough knowledge of OWASP Top 10
Deep knowledge of cloud security concepts and applications
Bachelor’s Degree in Computer Science or equivalent experience
Optimizely is an American company that provides digital experience platform software as a service. Optimizely provides A/B testing and multivariate testing tools, website personalization, and feature toggle capabilities, as well as web content management and digital commerce.
The company was acquired by Episerver in October 2020 and in January of 2021 Episerver announced that they were branding the combined company as "Optimizely".