Senior Cloud Application Security EngineerSportradar is the world's leading sports technology company, at the intersection between sports, media, and betting. More than 1,700 sports federations, media outlets, betting operators, and consumer platforms across 120 countries rely on our know-how and technology to boost their business.
Job DescriptionROLE OVERVIEW: The Senior Cloud Application Security Development professional will be part of the Secure Software Development team within Product Security, dedicated to fixing identified application-level vulnerabilities whilst coaching Tribe members in secure development practices. The successful candidate will work in a consultative capacity across multiple tribes, so should be comfortable in dipping in to help solve different problems with different teams, nationalities, and locations. Excellent technical, interpersonal and communications skills are key to this role.
In addition to working with Tribes, the successful candidate should also be comfortable in developing tools and utilities to improve the security of cloud resources whilst not hindering developer productivity.
The role will report into the Senior Manager, Product Security and will be part of a multidisciplinary team of developers with experience in Secure Software Development (SSD) and Attack Surface Management (ASM) to deliver initiatives and guiding principles that will help identify and mitigate vulnerabilities within the products that Sportradar develops. The Senior Cloud Application Security Development professional will also work closely with 3rd parties (e.g. Bug Bounty programme) as well as other teams within the wider Security group (e.g. GRC, SOC, etc.).
THE CHALLENGE: Respond to identified vulnerabilities in our applications and cloud environments without jeopardizing product roadmap.Evangelize and coach engineers on secure design & development practices through threat modelling and help remediate findings through pair-programming sessions.Cross pollination of secure development techniques and best practices across engineering tribes.Collaborate across both SSD and ASM teams in Product Security to ensure unit initiatives are successfully delivered.Be on-hand to assist colleagues as part of our incident response process should this be required.YOUR PROFILE: Personal Requirements: You get excited by challenges, and have a positive, can-do attitude in working with different teams, locations and technologies to achieve the best outcome.You are interested in cloud and application security and thrive on having multiple problems to solve, together with a continuous learning mindset.You enjoy diving in and figuring the crux of a problem quickly and helping provide a pragmatic solution to the team, whilst efficiently communicating the outcome to techies and managers alike.You are comfortable with mentoring others and taking a lead role for an initiative to help deliver the intended outcomes.Professional Requirements: Degree in software development, or other relevant experience.10+ years of experience as a software developer or DevOps professional.Ability to manage, prioritize, remediate vulnerabilities like those on the OWASP Top10 list.Experience with AWS cloud services, especially their security products.Experience with modern technologies like Kubernetes, Protobuf, gRPC, and GraphQL.Experience with automated deployments and containerized application management.Experience with message brokers (e.g. Kafka), and relational databases (e.g. MySQL).A keen interest in continuous professional learning across software engineering, cloud, and application security domains.Working in agile development teams in a fast-paced environment.Excellent inter-personal and communication skills with fluency in English (written & spoken).Ability to take a lead role in the team, supervising and/or mentoring others.Cloud-native development and/or experience with other public & hybrid cloud services (GCP, OCI, etc).Hands-on experience with Cloud & Software Security and DevSecOps tooling such as CNAPP, SAST and SCA.Experience with maintaining large-scale and fault-tolerant distributed systems in production.Experience with test-driven development.OUR OFFER: The opportunity to work and develop within an inspiring and fast-growing company, with different teams working on different products in different locations.The possibility to directly contribute to the security of products used by our clients in the global sports business.Consultative role with multiple teams across different geographies and product lines, where no one problem is the same.A collaborative environment with colleagues from all over the world (engineering offices across Europe, in Asia and the US).Competitive salary and benefits (e.g. retirement pension and insurance plan).Additional InformationAt Sportradar, we celebrate our diverse group of hardworking employees. Sportradar is committed to ensuring equal access to its programs, facilities, and employment opportunities. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. We encourage you to apply even if you only meet most of the requirements (but not 100% of the listed criteria) – we believe skills evolve over time. If you're willing to learn and grow with us, we invite you to join our team!
#J-18808-Ljbffr