Product Security Engineer focusing on ensuring software resilience against attacks during development phases. Collaborating with DevOps and Engineering teams to enhance security protocols.
Responsibilities
Works directly with DevOps and Engineering teams to bake security into the Software Development Life Cycle (SDLC)
Identifies potential attack vectors and suggests mitigations
Triages bugs found via automated scanners, internal audits, or Bug Bounty programs
Implements and manages tools like SAST, DAST, and SCA to catch insecure dependencies
Performs manual 'deep dives' into critical codebases to spot logic flaws that automated tools might miss
Acts as a subject matter expert when a security flaw is exploited in production
Leads activities to find ways to bypass the logic to alter 'Recipe' files or production data
Creates 'Security Champions' programs to teach engineers how to write defensive code
Requirements
4 to 6 years typical experience in similar roles
Proficiency in at least one 'product' language (C# (.NET Core), JavaScript, SQL)
Deep understanding of the OWASP Top 10 (SQLi, XSS, CSRF) and cloud security (AWS/Azure/GCP)
Experience with Snyk, Checkmarx, Burp Suite, or GitHub Advanced Security
Familiarity with Docker, Kubernetes, and CI/CD pipelines (Jenkins, GitLab CI)
Bachelor's Degree or consideration of an equivalent combination of education and experience
Benefits
Celestica is an equal opportunity employer
Special arrangements can be made for candidates who need them throughout the hiring process