Software Security Engineer

dormakaba Holding AG, traded on the SIX Swiss Exchange,  is a global security group based in Switzerland and employs around 16,000 staff in over 60 countries.

With over 150 years’ experience and millions of products and solutions installed worldwide – from pushbutton locks and door closers to complex, networked access solutions with smartphone access – dormakaba is your reliable partner for secure and flexible access to buildings and rooms.

We build the technology that allows seamless and secure physical access. We are a full-stack engineering team responsible for the development of security products, that the company then manufactures and sells worldwide. We stay on top of security vulnerabilities, threats, and attacks in the wild to design and implement detections.
 

A job that matters: Your Tasks 

• Ensure security best practices are implemented during the development cycle, by leading the development of security related features
• Introduce and use tools to analyze device security and their communication
• Research and respond to changes in platforms, threats, and attacks in the wild
• Work cross-functionally with its development team security-related team and be part of a cloud platform team
• Assist the team with understanding the implications of security guidelines
• Code to automate tasks and malware analyses or vulnerability scanning
• Design, implement and coordinate internal or external security and penetration tests
• Support and consult with product and development teams in application security, including threat modeling
• Assist teams in reproducing, triaging, and addressing application security vulnerabilities
• Assist in development of security processes and automated tooling that prevents classes of security issues
• Represent the teams at the security boards

We are looking for brilliant people, not for a list of skills. While reading about the key responsibilities of the role, please consider that value attitude and expertise. Are you curious and passionate about working in a constantly evolving and challenging international environment?

An experience that matters: Your Skills

• 5+ years relevant experience
• A background in software engineering with a deep passion for protecting against and hunting for digital threats
• Experience with JavaScript/TypeScript/ Node.js
• AWS and/or similar cloud providers
• Use of infrastructure as code – Terraform
• Familiarity with some common security libraries and tools e.g., static analysis tools
• Experience identifying security issues through code review
• A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, OAuth2)
• Familiarity and ability to explain common security flaws and ways to address them
• Experience with  ISO 27 001 is required
• Experience with  IEC62351, IEC62443 would be a plus
• Oral and written communication skills will be essential when interacting with team members
• Strong problem-solving skills to deal with threats or flaws swiftly and creatively
• Able to work well with software development teams in an agile environment
• Proactive and independent
• Curiosity and eagerness to learn
• University degree or equivalent on Technical College or relevant related experience
• Further education and/or certification in cybersecurity would be an advantage

A workplace that matters: Our offering

• Best opportunities in a globally operating company valuing diversity, inclusion, sustainability and mutual trust
• Attractive remuneration package
• Opportunity for flexibility with a hybrid working model
• Home office allowance
• 25 days paid annual leave
• Additional health insurance
• 200 BGN Food vouchers
• Public transportation card
• Optional parking space
• Multisport card
• Language training opportunity
• Employee referral program
• Brand new modern office premises in a class A business building
• Fresh fruits in the office
• Training and mentorship programs
• Access to over 15,000 LinkedIn Learning courses to assist in your professional development