The Avaloq Security team is an international team of analysts, senior and expert software engineers and architects. The Avaloq Security team develops and maintains central application security frameworks and tools for all companywide technology stacks and consults the business teams on best practice implementations for context specific security requirements. It furthermore operates the group-wide application security assessments, monitors the security vulnerabilities and supports the business teams in related risk mitigation plans.
Your key tasks
- Analysis, design and development of requirements in collaboration with colleagues of Product Development, customers, business analysts and software partners
- Collaboration and contribution in projects across departments
- Check the daily automated build process for security warnings and provide support to resolve it
- Monitor third party library enrolment, update, and removal by using in-house tools and Whitesource
- Provide expert analysis on false positives findings, validate exploitability of detected vulnerabilities, and develop possible fixes
- Maintain data for configuration control of the release baseline.
- Coordinate security actions across multiple team to ensure the high quality of the Avaloq products
- Prepare and distribute reports and documentation of security risks
- Conduct periodic reviews to ensure compliance with established security policies and procedures
- Participate in technical talks to internal members regarding security implementation, vulnerabilities, and opportunities for improvement
