Tech Jobs for Talents without Borders
English-1st. Relocation-friendly. Curated daily by Imagine.
4,699 Jobs at 191 Companies

Software Developer (JAVA) - Application Security

Adidas

Adidas

Software Engineering
Zaragoza, Spain
Posted on Monday, February 12, 2024

At adidas, our love for sport drives who we are and what we do. But just as a ball is more than leather and thread, and a show more than padding and plastic, we are bigger than our products. We don't just work to create faster shoes and lighter fabrics. We strive to help athletes everywhere perform their best. We believe that it's hard work inventing the future of sport, and that's why we love it; that when you push your limits, you make it possible for others to push theirs.

We believe that through Sport, we have the power to change lives.

To change lives, we have to create direct relationships with consumers and the best way to accelerate building direct relationships is through Digital.

Software Developer (JAVA) - Security Product Engineer

Purpose:


The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

Key Responsibilities: Information security

  • Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Contributes to development of the vulnerability mitigations of the products that are in the Product Area.
  • Oversees and coordinates Application security services in the product area.
  • Coordinates and support penetrations testing activities in the Product Area.
  • Provides Information security consultancy in the product Area.
  • Triages registered vulnerabilities and facilitates the process towards mitigation.
  • Conducts manual code reviews on demand
  • Analyze and plan the field of Security trainings in the Product Area.
  • Evaluate and improve the respective InfoSec KPIs in the Domain.

WHAT YOU CAN EXPECT

  • You will bring your ideas to life in a buzzing environment of highly engaged, multinational agile teams, who at their core build game-changing software products. Right there with you!
  • You will focus on developing backend applications based on microservices architecture using Java (Spring boot) and JavaScript (Node.js)
  • You will understand the full Secure SDLC process
  • You will work on the pipelines to implement Global Infosec Standards
  • You will work hands on with static and dynamic security scanners.
  • You will perform code reviews for critical code change to ensure code quality and security standards
  • You will fix confirmed vulnerabilities in alignment with the product teams
  • You will engage with key stakeholders (Devops teams, product owners, Product leads)
  • You will transfer the technical depth Information Security and Devops Teams
  • You will consult and coordinate Information Security related consultancies in the product.
  • You will support the penetration tests activities in the product and support mitigations.
  • You will understand your product and its area with all it’s integrations
  • You will be continuously learning the latest tech from internal trainings, experienced colleagues, conferences, and trainings
  • You will attend Scrum ceremonies, including daily stand ups, refinements and retrospectives
  • You will follow existing release process to enable developed features in live systems
  • You will ensure team code is compliant with code quality and standards

WHAT WE ARE LOOKING FOR

  • 4+ Years of experience in development
  • Striving towards security in development.
  • Willingness to train and improve in Information security
  • Hands-on experience in backend development in Java (Springboot) and/or Node.js is a must.
  • Working experience with ReactJS or Angular is a plus.
  • Experience designing and implementing REST APIs
  • Strong knowledge of software development methodologies, tools and processes
  • Strong CI/CD experience. DevOps mindset
  • Experience with continuous integration (toolset) and cloud platforms is a big plus
  • Experience with event driven architectures is nice to have
  • Knowledge of secure coding best practices and OWASP Top 10 is a plus
  • Motivation to never stop learning in Cyber Security and digital domain.
  • Strong interpersonal and communication skills. Fluent in English (verbal and written).
  • College or university degree with focus on IT or equivalent.

THOESE ARE YOUR TECHNOLOGIES

  • Static code scanners
  • Dynamic web application scanners
  • Languages and Frameworks: Java (Spring, Spring Boot), Node.js, React
  • Container Orchestration: Kubernetes, Docker
  • CI/CD: Jenkins
  • Cloud platforms: AWS
  • Events: Kafka
  • Agile Methodologies: Scrum/Kanban

WHAT WE OFFER:

  • Be part of a company where digital transformation, innovation and continuous improvement are core principles of our culture.
  • Join a team of talented and passionate engineers, with a lot of opportunities to learn, grow and reach your expectations.
  • Individual development, training and a tech community.
  • Sport friendly environment, great work-life balance and flexibility.
  • Competitive salary, benefits and valuable discounts on adidas & Reebok products.
  • Hybrid Work Setup: enjoy the advantages of a flexible remote work environment (within Spain) combined with the amazing onsite facilities and culture.

WHAT IF I DON’T CHECK ALL THE BOXES?

Not a problem. At adidas, we’re keen to increase our team’s diversity of backgrounds and skills, and we’re more interested in the work you will produce than that work you’ve already produced in the past. If you’d love to work with us, then we’d love to hear from you

THROUGH SPORT, WE HAVE THE POWER TO CHANGE LIVES

Check out the adidas developer portal to see our latest projects, platforms and tech stacks: https://adidas.github.io/