Jobs

Apply Now

Applications processed via employer's online application form

Job Details

Category

Other

Location

Belfast, Northern Ireland

Share

Staff Security Engineer

  • Bazaarvoice connects brands and retailers to consumers so that every shopping experience feels personal. From search and discovery to purchase and advocacy, Bazaarvoice’s solutions reach in-market shoppers, personalize their experiences, and give them the confidence to buy. Each month in the Bazaarvoice Network, more than a billion consumers view and share authentic content including reviews, questions and answers, and social photos across 6,000 brand and retail websites. Across the network, Bazaarvoice captures billions of shopper signals monthly - data that powers high-efficiency digital advertising and personalization with unmatched relevance.

    Who We Want:

    The Staff Security Engineer will be primarily responsible for leading our Application Security initiatives at Bazaarvoice and working to embed security into the day to day activities of our software engineering teams. 

    This role will build custom and open-source tools and services to identify and report on vulnerabilities in applications developed by Bazaarvoice.  They will work with developers, QA engineers, and product teams to integrate security testing into all phases of the software development lifecycle. They will identify opportunities to improve the security posture of our products and systems and provide assistance and guidance to the Product & Engineering teams in remediation efforts.  They will participate in design reviews, model threats and recommend controls to effectively mitigate risk.  Most importantly, they will work to improve and expand their security skillset and innovate existing processes or tools.

    This candidate must show proficiency in building scripts and libraries for security testing, have knowledge of application vulnerabilities and effective remediations (e.x. OWASP top 10), and show aptitude for analysing application and infrastructure architecture.  We are primarily a Java/Python/JavaScript shop, so comfort with these languages is a definite plus.   They must be comfortable in partnering with software engineers from different backgrounds and skillsets to facilitate meaningful change.  Additionally, an ideal candidate must have experience in AWS (or other cloud environments) and come prepared with foundational security knowledge needed to protect a global organization.

    What You’ll Be Doing:

    • Develop and maintain new tools and frameworks for automated testing, monitoring, and reporting
    • Assist engineers in integrating security tools and testing libraries into their builds and deployments and monitor their effectiveness
    • Share team administration and maintenance responsibilities for SecOps tools and initiatives (such as WAF platform, Cloud audit, HIDS/NIDS)
    • Build and update meaningful security standards and playbooks for engineering teams
    • Participate in design reviews and assist in threat modelling applications and services
    • Mentor engineers and lead technical security training initiatives (such as OWASP Top 10 training)
    • Serve as a subject matter expert for their area in the Security Incident Response Team
    • Assist developers in implementing standards and monitor and report on the effectiveness
    • Work with Legal, Privacy and the Bazaarvoice clients during audits and examinations
    • Embrace a culture of continuous service improvement and service excellence
    • Stay current on security industry trends

    Who You Are:

    • You have several years of experience in a security engineering or architecture role
    • You have several years of experience with the development, deployment, and automation of (custom, open-source, and enterprise) security solutions in a complex cloud-based environment
    • You have demonstrable experience with the AWS (or another major cloud) platform and major services 
    • You’ve worked with CI or CD tools such as Jenkins, TravicCI, GitLab CI
    • You understand the goal of DevOps philosophy and where security can integrate into it
    • You have competent coding skills (specifically in building scripts and libraries) in languages like Python, Bash, or Go
    • You understand Agile processes and goals
    • You enjoy finding areas of improvement to explore without needing guidance
    • You can work with a team as well as an individual with little or no supervision
    • Experience with security frameworks or compliance programs such as GDPR, ISO27001, IS027002, NIST CSF
    • You can communicate effectively and build solid relationships with individuals of all skill levels, backgrounds, and job functions

    Nice To Have:

    • Security certification such as CISSP, OSCP, GSEC
    • Knowledge of general-purpose programming languages such as Java, JavaScript, Scala
    • Published bug bounty findings or security research
    • Open Source contributor

    Our Employee Value Proposition:

    BV’s Impact on the Market:

    We are shaping the way people shop, putting the shopper experience at the heart of everything we do.  We partner with the world’s largest brands and our network’s impact is comparable to Facebook, LinkedIn and Google.  If you shop or research online, it’s very likely that you’ve already interacted with Bazaarvoice. With market leading technology, shopper data that spans over a million shoppers and a billion shopper interactions a month, our future is limitless.

    What this means in R&D:

    Working on something real that people use on a daily basis in an environment that celebrates engineering, has been and continues to be a key factor in the success of Bazaarvoice. There are very few opportunities in the market that allow you be part of a company that delivers products that are used by millions of people every day.

    Professional Learning, Growth and Impact:

    You can grow your career, your skills and professional experiences by working across a breadth of business initiatives, different global regions and innovative solutions. You have the opportunity to see tangible results from your direct contributions and build your own brand at Bazaarvoice.  With new products and markets on the horizon, there has never been a more exciting time to be at Bazaarvoice.

    What this means in R&D:

    It is clear that managers want what’s best for both the company and people. Here in Bazaarvoice there is a wealth of knowledge among the teams that is shared in a collaborative, productive way. Getting to work at our scale with the level of autonomy given, is rare. You are encouraged regularly to be the best version of your professional self at work. You are in charge of your own learning but given the space and time to own it completely. We don’t just say it- we mean it!

    Great People:

    You will work with and help recruit bright, experienced, passionate and humble colleagues that bring diverse perspectives on a daily basis.  We are open minded, respectful and transparent.

    What this means in R&D:

    There are no ego’s here in R&D. You are surrounded by smart people who build world class software but who never forget to have fun whilst they do it. Working in an environment where you work together to share knowledge and skills is vital in helping you within your career as an engineer. Both colleagues and managers don’t just give support but focus on listening.  

    Culture:

    You will be part of a vibrant culture where we celebrate, we collaborate, and we come together generously to elevate one another & our community. We promote open dialogue at all levels and are generous with our time and ideas.

    What this means in R&D:

    In R&D, we don’t look for a culture ‘fit’ but for a culture add! The atmosphere, not only among teammates, but across the wider engineering department (and beyond!) makes coming to work a pleasure. Working as part of engineering, you are guaranteed to work with bright, smart people who will always have something else to bring to the table.

    Commitment to diversity and inclusion

    Bazaarvoice provides equal employment opportunities (EEO) to all team members and applicants according to their experience, talent, and qualifications for the job without regard to race, colour, national origin, religion, age, disability, sex (including pregnancy, gender stereotyping, and marital status), sexual orientation, gender identity, genetic information, military/veteran status, or any other category protected by federal, state, or local law in every location in which the company has facilities. Bazaarvoice believes that diversity and an inclusive company culture are key drivers of creativity, innovation and performance. Furthermore, a diverse workforce and the maintenance of an atmosphere that welcomes versatile perspectives will enhance our ability to fulfil our vision of creating the world’s smartest network of consumers, brands, and retailers.

Apply Now

Applications processed via employer's online application form