Principal Engineer, AppSec - Helsinki - SOK

Kuvaus

Primary location:

HELSINKI
Would you like to help build secure digital services used by millions of Finns every day? Join our team and empower our developers to succeed in application security through practical support, smart automation, and modern tools

We are looking for a Principal AppSec Engineer to strenghten our DevOps & Developer Experience team. You'd be working in a horizontal role enabling and supporting other engineers in other teams.

At SOK, we work in cross-functional product teams, which means that each team is focusing on their own product, such as S-kaupat, , , S-mobiili, ABC-mobiili and , to mention a few.

Your home base DevOps & Developer Experience team helps others by providing coaching, training, hands-on support, and a limited set of tooling to improve their effectiveness in DevOps practices, security, and operational processes.

Our team is an internal consultancy office that works with multiple teams, while focusing on a few at a time.

Our aim is to help the teams develop secure services using the best tools and practices, and to contribute to company-wide guidelines and processes to improve overall maturity.

We believe we are on the right track but are always looking for ways to improve and to help our teams succeed.

The way we see it, the role of security is to help teams, not to hinder their efforts.

You'd be working as a tight-knit working pair with our Principal Security Engineer and the rest of the team, including an extended (virtual) company-wide security community.

Your workdays would consist of creating and integrating tooling and spreading awareness of and best DevSecOps practices to development teams.

You will help us develop our application security posture together with our other experts.

SOK development teams are still growing, so you will have an excellent opportunity to define how we approach working with teams and developers at an even larger scale.

Your daily work consists of

Defining our roadmap for application security
Measuring the team's security maturity
Automating security with tools and processes
Facilitating threat modelling and other security workshops
Triaging and mitigating vulnerabilities

Your job will be a mix of hands-on and leadership roles, depending on your skills and desire. S Group also offers job rotation and growth opportunities. We work according to agile principles and strive to improve every day.

What We Hope From You

Technical background and a good understanding of the developer mindset that helps you understand how the tools and processes affect the developers' daily work
Ability to help the teams reach better results with tooling, processes, and guidance
Knowledge of cloud security, especially AWS, and serverless architectures
Interest in the implications of AI in the whole SDLC
Experience and solid understanding of application security, SAST, and SCA tools, and vulnerability management
Understanding of incident response procedures
Hands-on attitude with bold strive – sometimes drive for change needs to be created
interest in what is happening in the world of application security and mindset of continuous improvement and learning
Drive to make local learnings to company-wide success stories
Bonus points if you can do penetration testing and security assessments
Fluent communication skills in English. Finnish skills are considered as an advantage, but not a requirement

What We Offer

On top of a respectful salary, superb company benefits and the finest colleagues, this is what we offer in return:

Influence and responsibility.

Our engineers have a lot of freedom in their work, but they also live with their solutions, and so do millions of users too.

Workplace democracy. Our ways of working are not set in stone. Together we'll continuously improve the ways of developing products and services in the biggest private employer in Finland.
Reasonable workload. Our supportive community with its great ways of working, setting realistic expectations and the possibility of hybrid work all adds up to less stress for you

Concrete and rewarding end-results, which you can experience by using S Group's services, when doing your grocery shopping, fueling or staying in a hotel.

Occupational healthcare, sports and culture benefits, lunch benefit in our staff restaurant, and access to the hobby and sports facilities in Ässäkeskus.

Interested? We'll be happy to hear from you

Please send us your CV and an application highlighting your related skills by at the latest. We will actively review applications and invite the most suitable candidates for further discussion. We will notify all applicants about the decision within two weeks after the deadline. Our interview process is both respectful and comprehensive. You'll meet our recruiter, hiring manager and some of your teammates. We'll be discussing technical things as well as softer skills, validating your technical expertise and performing a talent assessment.

The aim is to ensure we can offer what you're looking for, and to make sure you're the right person for the job.

Despite the outcome we strive to make the process a positive one.

About SOK Digital Development

In SOK Digital Development we develop web services and apps used by the end-customers and highlighted by the regular dialogue between digital and IRL worlds.

We work in agile teams, where developers, QA and DevOps engineers, designers, and data and business professionals work together towards shared goals.

What started four years ago with four engineers and one mobile application, has grown to over 100 tech professionals (and we keep growing) and several web services and apps in five different business verticals:
service station and fuel/electricity selling, grocery eCom, home and family supplies eCom, hospitality and banking.

We believe in community internally and externally, are design conscious, pride ourselves on our open-source commitment, our blossoming DevOps culture, and our use of modern tools and democratic development standards for a holistic philosophy to modern and pure software development practices.

What inspires many of us are the co-operative values behind our operations.

We are not on the leash of VC capital or investors, rather we develop services directly for our customers, who are also our owners.

We operate with freedom and the responsibility that comes with it.

#SOK #SOKDigitalTalent
Show more Show less