(Senior) InfoSec Engineer Application Security
Philip Morris International
Albarraque, Portugal
há 3 dias

Be a part of a revolutionary changeAt PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to improve the lives of a billion smokers worldwide.

With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions.

PMI’s journey to a smoke-free future is fueled by technology. The total transformation we’re going through means that there are a variety of exciting IT projects here to match all levels of skills and ambitions from pace-setting global pilot projects to vital local updates.

Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions.

Join us in this role and you’ll be part of our IT Information Security & Data Privacy international team in the beautiful city of Lisbon, Portugal.

If you're based in Portugal, but outside of Lisbon - we will consider remote work contracts as well. Your day to day

  • Support IT teams on information security related topics during the design, development and maintenance of new or existing systems
  • Perform detailed security assessments of applications on every stage of SDLC
  • Describe identified issues to relevant stakeholders in the form of reports and ensure that they understand the risk that those issues pose to the Company
  • Embed cybersecurity into the systems development life cycle process, e.g. by leading the execution of threat modelling activities and fostering the adoption of DevSecOps principles
  • Support hands-on the integration of security tools (e.g. SAST, DAST) within the continuous integration / continuous delivery (CI / CD) pipelines of the development teams
  • Create and maintain secure application development patterns and secure coding standards to help IT teams minimizing the number of cybersecurity issues in their products
  • Raise awareness across the organization by delivering trainings, webinars or similar activities that reduce the number of repeated application security weaknesses and technical vulnerabilities
  • Keep up to date with the constantly evolving cyber threat landscape and the latest developments in application security Who we’re looking for
  • Minimum 5 years of experience in web / mobile application security, preferably within a large organization
  • Proven track record in supporting development teams throughout all phases of systems development life cycle (design, threat modelling, development, maintenance)
  • Hands-on experience with integration of SAST, DAST and SCA tools into CI / CD pipelines
  • Strong understanding of cloud computing architectures (e.g. SaaS, IaaS, PaaS, FaaS) and their corresponding characteristics in terms of information security
  • Practical knowledge on modern application architectures including microservices, containers, APIs and serverless technologies
  • Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10
  • Considerable technical writing proficiency and oral presentation skills, in English
  • Practical experience in Agile / DevOps organizations and cultures
  • Highly collaborative, with ability to build relationships with colleagues from different cultures throughout the organization
  • Professional certifications in application security area would be nice to have (e.g. OSWE, eWPTX)
  • Experience with any of the following technologies / tools not mandatory but strongly preferred : AWS, HashiCorp Vault, Terraform, Ansible, Artifactory, Splunk, ELK What we offerOur success depends on the men and women who come to work every single day with a sense of purpose and an appetite for progress.Join PMI and you too can :
  • Seize the freedom to define your future and ours we’ll empower you to take risks, experiment and explore
  • Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong
  • Pursue your ambitions and develop your skills with a global business our staggering size and scale provides endless opportunities to progress
  • Take pride in delivering our promise to society : to improve the lives of a billion smokers
  • Reportar esta oferta de trabalho

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Meu email
    Ao clicar em "Continue", autorizo a neuvoo a processar os meus dados e a enviar-me alertas de e-mail, conforme detalhado na Política de Privacidade da neuvoo . Posso retirar o meu consentimento ou cancelar a subscrição a qualquer momento.
    Formulário de candidatura