Job Description

ABOUT US
Software AG's mission is to help organisations "turn data into value".
We’re a global software company founded over 50 years ago and continually growing and innovating. With a presence in over 70 countries, our customers include many of the world’s major airlines, well-known makers of sodas, chocolate and PCs, and key players in the rapidly expanding world of industrial IoT.
We’re passionate about software, passionate about our people, and passionate about using technology to create truly world-class products.
ABOUT THE JOB
The successful candidate will become a member of the close-knit and highly skilled multi-disciplinary R&D team developing the market leading Cumulocity IoT platform, using various exciting technologies and techniques.
You'll join a team of friendly, innovative, and motivated colleagues. We care about quality, and we are always up for learning something new. We enjoy discussing the best way to design and implement our code and test cases. Whatever level of experience you have, you'll be able to make a real contribution at Software AG and have plenty of chances to grow.
We are looking for someone to take a leading role in engineering the Cumulocity platform to deliver the highest possible security in all its different deployment scenarios: public cloud, private cloud, and single node “edge” environments. This will involve understanding users’ and platforms’ security requirements, recommending architectural and design changes, and implementing them. There will also be an element of teaching other developers how to think clearly about software security and driving a culture of considering security impacts in all product development activities.
This is a hands-on product development role with a strong focus on security, but you can expect to also work more generally on feature development and maintenance of the Cumulocity IoT platform. Our primary development language is Java 8+, with a smattering of Rust, so we expect you to have up-to-date knowledge and relevant experience in at least one of those and to be willing to learn the others quickly as necessary.
You'll be part of an agile development team, learn new skills as needed and have the chance to pick up best practices and tips from our seasoned developers. In our teams, everyone's ideas are valued - right from your first day with us - and everyone is encouraged to contribute to design discussions, documentation, code reviews, our public community and shaping how we work.
Responsibilities include

• Design, implement, test and operate advanced software security techniques in compliance with the technical reference architecture
• Perform ongoing security testing and code review to improve software security
• Troubleshoot and debug issues that arise
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities
• Contribute to all levels of the architecture
• Maintain technical documentation
• Consult team members on secure coding practices
• Develop a familiarity with new tools and best practices

ABOUT YOU
You will already be an experienced commercial software developer with a track record of analyzing software designs and implementations from a security perspective and identifying and resolving security issues. Experience in the appropriate security analysis, defense and countermeasures at each phase of the software development lifecycle to result in robust and reliable software. You should have a background in Web Applications, API and Cloud-Native Applications. A degree in Computer Science, Software Engineering or a closely related subject is highly desirable but not essential, depending on your level of practical experience.
You must be someone who takes pride in constantly improving and is passionate about delivering software engineered to the highest standards of readability/maintainability, security, performance, and usability. You must have strong interpersonal skills, including the ability to communicate clearly and concisely with peers and the ability to operate independently and work on your own initiative, taking ownership and responsibility for software deliverables. As a senior member of the team, you should also be able to coach and mentor junior team members and provide technical leadership on projects.
EXPERIENCE AND QUALIFICATIONS

• Knowledge and practical commercial experience in:
  • Proven work experience as a software security engineer
  • Detailed technical knowledge of techniques, standards and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
  • Software development in Java and related technologies
  • Adequate knowledge of Microservices, containers, cloud technologies, web-related technologies, and network/web-related protocols.
  • Agile software development
• A degree in Computer Science or another relevant subject
• Technical leadership experience is desirable

WHAT YOU CAN EXPECT

• An opportunity to join a world-class team working in an exciting and rapidly growing domain.
• A competitive compensation package including a performance-driven bonus.
• A generous benefits package including pension and comprehensive medical insurance.
• Additional benefits include innovation/hack weeks, at least 50 hours of dedicated time each year for learning/training and flexible working hours.