Security Engineer (Security, Performance and Observability) - IFS Technology

Company Description

IFS is a billion-dollar revenue company with 6000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.

At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.

We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.

By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.

We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.

If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.

Job Description

We are seeking Security Engineers to implement and oversee automated security practices across our organization. This is a critical role that requires collaboration with cross-functional teams to shape the future of security within our company.

A Security Engineer at IFS is responsible for implementing successful strategies, secure patterns, and improvements to engineering methodologies and practices across the product portfolio. The role demands active engagement with peers and team members to disseminate Security best practices and knowledge throughout the IFS community.

Furthermore, a Security Engineer at IFS is required to continuously expand their Architecture, Security, Privacy, and Compliance domain knowledge, including staying abreast of industry trends. Security Engineers will work closely with development teams and architects to ensure the adoption, implementation, and testing of security practices. They will apply their expertise to guarantee secure and successful technical outcomes. In certain instances, individuals in these roles will represent the entire company in key projects.

As a Security Engineer, your core responsibilities will include:

• Implementing security automation practices in collaboration with development and operations teams to integrate security into CI/CD pipelines.
• Designing, implementing, and maintaining secure CI/CD workflows, ensuring rigorous security checks and validations are integrated into the software development lifecycle.
• Conducting comprehensive threat modeling to assess risks and attack surfaces of IFS Products.
• Managing, enhancing, and overseeing the adoption of security platforms and tools to optimize vulnerability detection, response, and mitigation.
• Establishing and leading security guilds to cultivate a culture of security awareness and shared responsibility across the organization.
• Conducting and supervising regular penetration testing activities to identify and address potential vulnerabilities in systems and applications.
• Implementing improvements in vulnerability management and patching processes to ensure timely remediation and risk minimization.
• Identifying and implementing robust Security controls to address IFS Product threats.
• Providing expert guidance on the implementation of Security patterns.
• Advising on best Security practices and ensuring their strict adherence.
• Preparing comprehensive design documentation, reports, and technical presentations.
• Contributing significantly to improvements in Security, Privacy, and Compliance of IFS products and services.

Qualifications

• Demonstrated extensive experience in security engineering, with particular emphasis on the implementation of automated security solutions.
• Comprehensive understanding and application of DevSecOps principles and practices.
• Substantial hands-on experience with CI/CD tools (e.g., Bitbucket, Jenkins, GitLab, GitHub Actions, or equivalent).
• Advanced proficiency in security platforms, vulnerability management tools, and scripting languages (e.g., Python, Bash).
• Proven track record in conducting rigorous penetration tests and comprehensive security assessments.
• In-depth knowledge of common vulnerabilities (e.g., OWASP Top Ten) and advanced remediation techniques.
• Exceptional communication and collaboration skills, with demonstrated ability to effectively engage and motivate cross-functional teams.
• Extensive familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes).
• Thorough and up-to-date knowledge of Security standards (e.g., NIST, ISO 27001, CIS).
• Significant experience in applying risk assessment methodologies (e.g., ISO 27001).

Additional Information

We embrace flexibility and hybrid work opportunities to support diverse needs and lifestyles, while also valuing inclusive workplace experiences. By fostering a sense of community, we drive innovation, strengthen connections, and nurture belonging. Our commitment ensures you can work in a way that suits you best, while also engaging with colleagues to share ideas and build meaningful relationships.