Product Security Lead

Chandigarh CatalystOne Info Solutions Ltd. Apply before: 2021-08-30

Are you passionate about application security and want to drive security into products across an entire platform of modules?

Are you excited about securing the newest technology including the public cloud and containerization?

Can you thrive in a dynamic team where our customers count on us for protecting their data?

If these questions create a tickling excitement in you, then you've reached the right place! you might be a perfect fit for CatalystOne’s Security Team!

CatalystOne Solutions is the Nordic leader in software for HCM (Human Capital Management) and has many well-known companies as customers. Customers like Paradox Interactive, Nordnet, Atea, EVRY, JM, Björn Borg and many more are and will be happy to have us as their software supplier. We have for 15+ years built a strong value-based company driven by the customer's success. We are now in an extensive growing phase and our five-year plan is to many times multiply the number of customers, our net sales, and the number of employees. Join us on this journey and be part of the success stories.

We have over time built an outstanding product and a strong corporate culture - both we are very proud of. Not many companies can truly say that their employees live their company values, but at CatalystOne our values are an integrated part of our everyday lives. We didn’t develop our values – our values developed us!

At CatalystOne, we believe that security is everyone’s responsibility and security decisions should be simple. When our customers or employees face options, we strive to make the secure option the easiest way of achieving their goals.

Join us as a Lead Security Engineer and you will have the opportunity to:

  • Be the leader of the Security Engagement program to guide developers through the threat modeling process
  • Guide and inspire developers across CatalystOne to build security into their products and features from the very beginning.
  • Tackle projects to build out new capabilities to increase the scope and effectiveness of our team through process improvement and automation.
  • Mentor staff on security fundamentals, risk management, and vulnerabilities.
  • Share in the execution of our Security Champions program to nurture a security culture and to help our developers improve their security posture.
  • Assist in the vulnerability management process including triaging identified vulnerabilities and tracking them through the vulnerability lifecycle.
  • Support incident response efforts as needed and work with teammates to investigate them.

You must be learning and solution-oriented. You are resourceful and motivated to grow into other exciting roles in the development and/or leadership team in the future.  

See if you are one of our new members of the family:

  • Yo have at least 5 years of application security experience, plus experience mentoring junior staff.
  • You have experience working with modern web applications, frameworks, and technologies, i.e. microservices and Kubernetes - including their security threats and vulnerabilities.
  • You have a great understanding of the threat modeling process and how to efficiently scale this with automation and taking a risk-based approach to prioritize resource utilization.
  • You are able to design creative solutions to problems.
  • You are outstanding at verbal and written communication skills.
  • You have experience with programming (Java or Angular is a plus) - please send us your GitHub/Bitbucket account or any other examples of projects, if available.
  • You have experience with securing cloud deployments, preferably, Microsoft Azure
  • You have experience with penetration testing to verify common web vulnerabilities.
  • You are a multi-tasker and excel when it comes to balancing and prioritizing work appropriately.
  • You have been working with agile development processes, in a fast-paced environment with continuous integration.
  • You have a Bachelor's degree in Computer Science or other relevant focus of study.
  • Security certifications are a plus such as OSCP, GWEB, GPEN, GWAPT, CEH, CISSP, GSEC, etc

Number of open positions: 1 (5+ years experience)

We have a total of five offices, with four corporate ones in the best locations of Oslo, Sandefjord, Stockholm, and Copenhagen. Our biggest office is in Chandigarh, India, where we conduct research and develop our product suite. All our offices offer modern environments of the highest standards. We make sure to work closely across borders and cities. One big team on one big adventure together.

We practice trust and flexibility, and as a proud provider of HR solutions, we are of course keen to take good care of and develop our own employees.

A few other benefits of working with CatalystOne:

  • Transparent and strong work processes-policies
  • No work-bonds
  • Flexibility in work-timings
  • Birthday and work anniversary celebrations
  • Festival celebrations
  • Team engagement activities, parties, and workshops
  • Health Insurance cover
    ... and the list goes on. Apply for the position to see it for yourself!
CatalystOne is an equal opportunity employer. We have a passion for people and believe that a diverse workforce is fruitful for our company culture. The candidate should be prepared for us to conduct a background check. We process applications on a continuous basis and the position might be appointed sooner than first expected.
Kunal Sharma, Technical Recruiter