Exness Group was founded by a group of like-minded professionals in the area of finance and information technology in 2008. We are the broker of choice for every trader who demands high-quality services. Today we are 1000+ represented by more than 70 nationalities, continuously expanding our existing teams and creating new ones.
Our culture allows each employee to be the best version of themselves, constantly increasing their expertise. Our culture and values rely highly on Ethics & integrity + Smart scientific approach!
We are looking for an Application Security Team Lead to join Exness Technology. You will lead the Application Security Team with the objective to identify existing and emerging security threats and protect Exness Group of Companies from them, maintain business continuity and regulatory compliance in respective areas. It will also build an Information Security vision and a roadmap for the Group of Companies in this area.
What you will do:
- Develop and manage application security areas, including:
- Build and continuously develop strong Application Security Team, deliver high-performance and high level of expertise to the company.
- Build security over and integrate secure software development principles and security controls to the existing software development process of the company.
- Help other quality focused teams to improve and strengthen the quite agile SDLC.
- Develop reliable and optimized defect management approach.
- Develop and implement cross-functional software development frameworks and non-functional requirements to make the process more efficient and secure.
- Automate security controls with strong focus on their results for the company.
- Build various security metrics (both simple and complex) to make the process transparent and measurable.
- Develop bug bounty program of the company.
- Develop and improve the security monitoring process across the company applications (in-house and SaaS/PaaS) to deliver standardized, traceable and transparent logging approach.
- Support various engineering teams with application security expertise;
- Lead software development security awareness programs and internal and external application security brand building process;
- Lead data protection process in application security area.
- Attract highly-skilled application security and software development professionals to the company.
What you need to succeed:
- At least 2+ years Application Security engineering experience.
- At least 3+ years Application Security or Cybersecurity leading experience.
- At least 2+ years Team leading experience.
- 8+ years of overall experience in Information Technology areas.
- SDLC building in technological companies.
- Knowledge of any PLs, popular authentication and authorization frameworks, OWASP methodologies, architectural and software-design patterns, applied cryptography and zero-trust concepts in software development.
- Ability to use community and industry knowledge, to transform and to apply that to work activities.
- Deep analytical skills.
- Strong understanding of importance of teamwork and collaboration.
- Would be a plus (any of the list):
- Experience in high-loaded SaaS providers on technological positions;
- Software Development and Software Architecture experience;
- Experience in in FinTech and technical knowledge of blockchain, smart contracts and cryptocurrencies;
- Professional offensive experience;
- Security certifications (Offensive Security, CREST etc.);
- Knowledge of web-, mobile- and system development specifics;
- Understanding of containers and cloud security principles.
- Medical insurance for employees.
- Coworking expenses compensation.
- “Get to know your Team” trip to Cyprus.
- Sports activities compensation.
- Extensive learning opportunities.
- Flexible public holidays.
- 100% pay of Annual leave.
- Professional Development.
*If you would like to learn about relocation opportunities to Cyprus, please contact the dedicated TA Specialist.
Your application will be reviewed further and you will receive an update in due course if you are shortlisted. Due to high volume of applicants, we are able to contact only shortlisted candidates at this point of time.