Trilliant offers a universal communications platform that is at the convergence of the smart grid, smart city, and global Industrial Internet of Things (IIoT) applications. We bring together multi-technology solutions, global capabilities, and mission-critical communications to deliver future-proof solutions.
We are a device-agnostic, integrated, multi-technology communication platform that provides flexibility to balance technological capabilities with economic needs. At Trilliant, we are committed to best-in-class solutions that empower our customers and their customers to connect to the world of things.
We are an equal-opportunity employer offering comprehensive benefits and compensation packages with a selection of insurance programs. We have dynamic and collaborative work environments with some of the brightest employees in the world. We invest in people and provide opportunities for our employees to grow hand in hand with our business.
Define and implement the policies and methodologies of safe development in Technology Management in accordance with the international standards demanded by our Clients so that the Software and network solutions developed meet the requirements of the international market. This position will report to the VP of Engineering – Chief Architect.
- Define and implement security controls that meet the requirements and quality attributes, to guarantee the integrity, confidentiality, availability, and privacy of the information.
- Monitor and control compliance with secure software development methodologies, to ensure proper code structuring.
- Establish security assessment metrics in the software and firmware, to generate early warnings about developments.
- Improve security policies related to the software and firmware production pipelines, to generate a dynamic, safe, and stable environment for development. Develop or define supporting POC as needed.
- Specify the environments for testing and evaluating code with respect to security areas, to generate stability in the applications.
- Respond to RFP security questions on behalf of Trilliant.
- Cultivate an awareness about Information Security in the engineering department, to generate a culture against information security.
- Carry out the activities assigned to meet the objectives of the area. Including reviewing vulnerability reports from tools, customers and QE.
- ·Know and apply the policies and procedures established for the fulfillment of the objectives of the Integrated Management System, as well as participate with commitment in the activities convened and contribute to the effectiveness and maintenance of continuous improvement.
- Know and apply the Occupational Health and Safety policy, taking comprehensive care of your health, providing complete and real information about it, complying with all the hygiene standards of the Company, and actively participating in all activities inherent to the SG-SST.
- 8 years of experience in software development and secure development practices.
- 5 years of experience managing security requirements within the framework of Engineering projects.
- 3 years of experience managing security requirements for cloud deployments.
- Knowledge of secure development methodologies such as Microsoft S-SDLC, OWASP SAMM, and/or DevSecOps.
- Knowledge of DevOps solutions, such as Bamboo, and Azure DevOps/TFS.
- Experience with IBE/KPI, certificates, HSM/Vaults.
- Basic knowledge in the Application of Static Analysis of Security SAST and Dynamic Analysis of Security DAST.
- Basic knowledge in the management of Pen testing and Vulnerability Analysis tools, examples: Burp Suite, Wireshark, Nessus, OpenVAS, Zap Framework, Kali Linux, Parrot OS
- Basic knowledge of container management (Docker swarm/Portainer) and cloud computing (AWS, Google or Azure).
- Knowledge of object-oriented programming, aspect-oriented programming and structured programming. (Bash, Python, Powershell, Python, C#, .Net Framework, Angular JS)
- Basic knowledge in Identity Management and Administration, example: Kerberos V5, OpenID Connect 1.0, oAuth 2.0, User Repositories, Active Directory, KeyCloak.
- Basic knowledge in Administration of Unix-like Operating Systems and Windows Server.
- Tools and strategies for securing applications deployed in the cloud.
- Object-oriented programming
- Analysis and vulnerability tools.
- Information Security Architectures for Applications (DevSecOps, Identity Management, Authorization, Auditability/Traceability, Content Filtering and Firewall, Networking, Load Balancing, Quality Policies)
- Systems Engineer or related careers.
- English level C1
- Specialization in Information Security.
- CSSLP and/or CISM and/or CISSP certificate
PASSIONATE– We find the right solutions for customers and exceed their expectations.
ACCOUNTABLE- We work smartly and tackle problems with urgency to get the job done.
CONFIDENT– We look to the future and partner with each other to deliver world-class solutions.
ENERGIZED- We are excited and support the growth and direction of Trilliant.