Information Security Engineer II

Information Security Engineer II

Are you our “TYPE”?

Monotype (Global)

Named "One of the Most Innovative Companies in Design" by Fast Company, Monotype brings brands to life through type and technology that consumers engage with every day. The company's rich legacy includes a library that can be traced back hundreds of years, featuring famed typefaces like Helvetica, Futura, Times New Roman and more.

Monotype also provides a first-of-its-kind service that makes fonts more accessible for creative professionals to discover, license, and use in our increasingly digital world. We work with the biggest global brands, and with individual creatives, offering a wide set of solutions that make it easier for them to do what they do best: design beautiful brand experiences.

Monotype Solutions India

Monotype Solutions India is a strategic center of excellence for Monotype and is a certified Great Place to Work® three years in a row. The focus of this fast-growing center spans Product Development, Product Management, Experience Design, User Research, Market Intelligence, Research in areas of Artificial Intelligence and Machine learning, Innovation, Customer Success, Enterprise Business Solutions, and Sales. Headquartered in the Boston area of the United States and with offices across 4 continents, Monotype is the world’s leading company in fonts. It’s a trusted partner to the world’s top brands and was named “One of the Most Innovative Companies in Design” by Fast Company.

Monotype brings brands to life through the type and technology that consumers engage with every day. The company's rich legacy includes a library that can be traced back hundreds of years, featuring famed typefaces like Helvetica, Futura, Times New Roman, and more. Monotype also provides a first-of-its-kind service that makes fonts more accessible for creative professionals to discover, license, and use in our increasingly digital world. We work with the biggest global brands, and with individual creatives, offering a wide set of solutions that make it easier for them to do what they do best: design beautiful brand experiences.

This person partners with the Engineering organization to ensure that security is being properly considered during the planning phase of our development lifecycle and performs the assessments of our code during and post development to ensure our applications are secure in both implementation and deployment.

What you’ll be doing:

• Analyzes application code information in multiple languages (PHP, C, C++, etc.)

• Identifies and prioritizes vulnerabilities within application code.

• Performs application layer penetration tests, dynamic vulnerability analysis, and red team exercises.

• Provides development engineering with guidance on threat modeling and targeted training on secure coding.

• Partners with development engineering to ensure security is considered in the design processes for allapplications.

• Partners with engineering architects to ensure security in design.

What we’re looking for:

• 3-5 years’ experience (can be in bug bounty or other freelance work)

• Preferred certification in one or more of an industry recognized security certification such as OSCP, CEH,CSSLP.

• Must have experience in development languages such as PHP, C, C++

• Deep technical understanding of application code and development techniques

• Expertise in OWASP recommendations

• Excellent technical communication and analytical skills.

• Excellent time management and organization skills with an aptitude towards creative problem solving.

• Proven ability to develop successful partnerships with internal and external stakeholders.

• Experience leading an engineering organization in threat modeling.

• Highly developed oral and written communication skills; strong presentation skills.

• Experience supporting global organizations preferred.

• Experience working in a bug bounty or capture the flag desired.

#LI-DNI