At Motorola Solutions, we create technologies our customers refer to as their lifeline. Our technology platforms in communications, software, video and services help our customers work safely and more efficiently. Whether it’s helping firefighters see through smoke, enabling police officers to see around street corners, or reliably keeping the lights on in homes and businesses around the world, our work supports those who put their lives on the line to keep us safe. Bring your passion, potential and talents to Motorola Solutions, and help us usher in a new era in public safety and security.
The Application Security Architecture team is responsible for developing the entire application security strategy across Motorola Solutions, including tooling, SDLC, guidelines, standards and vulnerability management. You will be working closely with engineering teams to understand their technology stacks, pipelines, frameworks, and products and create seamless solutions to integrate security testing and metrics.
We are looking for an individual that is passionate - not just about cybersecurity - but also about our mission to protect public safety and first responders.
Your responsibilities will include:
- Architecting robust and scalable cloud native solutions for vulnerability scanning, reporting and metrics
- Designing and implementing serverless functions, webhooks, CLIs and other utilities for helping engineering teams automate and validate their security scans
- Integrating automated security tests via various tools into CI/CD pipelines
- Leveraging cloud infrastructure and APIs to help gain visibility and oversight of our security posture
- Investigating commercial and open-source security scanning tools
- Developing various automation scripts, plugins and dashboards to enable application security and vulnerability management oversight at scale
- Performing research and documenting best practices on securing and implementing various technologies as we adopt them
- Providing assistance to engineering teams for running security scans, interpreting results, and tracking remediations
- Creating resources, documentation and training materials to help engineering teams onboard security scanners
We believe automation is king, and our goal is to attempt to automate security testing as much as we can - including everything from the way our security testing tools are deployed and triggered, to how metrics and remediations are tracked.
We will rely on you to come up with innovative and automated ways to help teams secure their applications and systems utilizing every tool we have at our disposal. This is also a great chance to learn and improve your cybersecurity skills through research, experimentation and hands on implementation.
If you are passionate about cloud infrastructure, DevOps and security and want to help solve important problems at scale in a high stakes environment, this role is for you. If you are a developer or operations engineer with a strong passion and interest in security, this role is for you. If you are a security consultant or penetration tester but want to help build and defend solutions against the attacks you’ve normally performed, this role is for you!
This is your opportunity to help shape the application security landscape for products that directly impact people’s lives, every single day.
What we are offering you:
In return for your expertise, we’ll support you in this new challenge with coaching & development every step on the way.
Also, to reward your hard work you’ll get:
- competitive salary package,
- private medical & dental coverage,
- Life insurance,
- Employee Stock Purchase Plan,
- Employee Retirement Plan,
- Flexible working hours (usually day start between 7-10),
- Home office up to 20% (to be agreed with the team),
- A strong collaborative culture,
- Comfortable work conditions (high-class offices, parking space),
- Volleyball field and grill place next to the office,
- Access to wellness facilities and integration events
- Training and broad development opportunities.
Who we're looking for?
- Bachelor’s Degree
- Must have at least 3 years experience in either development, operations or security
- Familiarity with application security concepts (e.g. OWASP Top 10)
- Some experience with or desire to learn security testing tools such as SAST, DAST, and vulnerability scanners (e.g. Fortify, OWASP ZAP, Nessus, etc)
- Strongly proficient in at least one scripting language
- Exposure to various programming languages (i.e. ability to figure out what’s going on by looking at code snippets)
- Strong ability to learn and research new things, including tools, languages, frameworks, etc.
- Strong communication skills and the ability to present security concepts to non-technical audiences
- Familiarity with DevOps practices, including CI/CD pipelines and tools (e.g. Jenkins)
- exposure to cloud infrastructure and network architecture, familiarity with cloud security concepts, especially with Azure.
Nice to have:
- Experience with, or desire to learn, Infrastructure as Code and Automated Configuration Management tools (e.g. Terraform and Ansible).
- Healthcare package
- Healthcare package for families
- Leisure package
- Financial bonus
- Pracowniczy Program Emerytalny
- Cold beverages
- Hot beverages
- Car parking
- Bicycle parking