AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.
We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.
If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.
Position: Senior Application Security Developer
Qualifications: Experience in researching and identifying new threats, vulnerabilities and risks for Cloud-native environments
Location: Lake Forest, California/Calgary – Hybrid
Employment type: Full-time regular (flexible working options available)
About the role:
As part of the Research and Development function, the global Cloud DevOps team combines software development and cloud operations to protect and maintain Aveva’s cloud applications.
As an Application Security Developer (AWS & Azure), you will have the opportunity to join a new team whose responsibility is to:
- Pro-actively identify improvements to AVEVA’s Cloud security
- Design solutions to resolve
- Create code to deliver these solutions
- Identify potential new threats to Aveva’s Cloud security
- Maintain strong working relationships with AVEVA’s Cloud Service Providers and internal development teams.
- Support, enhance and automate:
- The day-to-day security posture of AVEVA’s Cloud solutions.
- The landing zones and the global applications and services hosted within it.
- The security tools and frameworks implemented in AVEVA’s Cloud solution.
Working closely with your development and portfolio colleagues, together you will bring new solutions to the cloud following a standard framework to ensure they are operationally secure, stable, and scalable.
The global, 24x7 nature of the team means there may be a requirement for occasional work outside of the standard day and to be on call as part of a shared team rota.
Responsibilities:
- As part of the security and platform team you will:
- Perform security-focused code reviews
- Use experience of secure application development to assess our cloud infrastructure
- Test our cloud infrastructure for security holes
- Monitor and analyse security relevant logs, alerts and events associated with security incidents.
- Respond to security incidents as identified by users or security monitoring tools to mitigate threats.
- Execute standard operating procedures in response to any security relevant logs, alerts and events.
- Continuously improve security tooling and processes.
- Build code to support automation and manage cloud setup e.g. Azure Functions, AWS Lambdas, Scripts etc…
- Improve our cloud estate management processes and tooling.
- Update the IaC code base which describes the cloud configurations
- Providing support outside of core hours where required.
- Work with development teams to advise and contribute to improvements to security, cost management and cloud compliance.
- Stay current on security industry trends, tools and best practices.
Desired Qualifications:
- Experience of developing secure applications
- Experience of testing applications security
- Experience of cloud security management in either AWS or Azure.
- Experience of developing code to help automate / control the cloud environment in python / C#
- Experience of operating/building services in either AWS or Azure.
- Experience of writing infrastructure as code in either cloud formation/ARM/Terraform
- Strong written, verbal and presentation skills, able to convey information clearly and concisely to technical and non-technical audiences.
- Attention to detail, diligent and tenacious.
- Excellent analysis and dissemination skills.
- High degree of personal motivation and ability to self-manage.
- Maintains and develops relevant industry and technology knowledge.
- Working within an Information Security accredited framework e.g. ISO27001, 27017/18.
Desired Certification:
- Security related certifications e.g. Microsoft’s Security Operations Analyst, AWS Certified Security Specialist, CCSP.
- Certifications in Azure and/or AWS e.g. AWS Solutions Architect, Solutions Architect for Azure.
AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.
AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.