Job Detail

Company Description

Nexthink is a global leader in Digital Employee Experience. Our product allows enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experience. Through a unique combination of real-time analytics, automation and employee feedback across all endpoints, Nexthink helps IT teams meet the needs of the modern digital workplace.

Headquartered in Switzerland, Nexthink also has offices in France, UK, Germany, Spain, UAE, Saudi Arabia, Australia and the US. Our growing team of Nexthinkers is proud to be making the digital work lives of seven million employees across 1,000 customers more productive.

At Nexthink, we believe actions are stronger than words when it comes to diversity, inclusivity, and equity in the workplace. Nexthinkers are multinational and multilingual, and come from all walks of life. We are committed to hiring a genuine representative workforce that can help us create solutions and foster innovation for the modern digital employee experience. Join us today!

Job Description

This is a unique opportunity for a talented and experienced Application Security Lead to join a fast-growing company like Nexthink. We are looking for a person to ensure that our applications are designed and implemented to the highest security standards thus maintaining and enhancing customer trust. If you enjoy analyzing system services, operating systems, networks and applications from a security perspective, and you are skilled at discovering security issues that appear under new threat scenarios, this position will provide you with a challenging opportunity. You will have the opportunity to have a real impact in the success of Nexthink. 

Responsibilities 

- Lead the entire application security strategy of Nexthink

• Identify security issues and risks, and develop mitigation plans 


• Review the architecture, design and development plans to ensure they comply with industry security standards 


• Implement security policies and techniques to ensure the whole product stack, from application down to the operating system complies with industry security standards 


• Evaluate and recommend new and emerging security products and technologies 

- Lead the DevSecOps by

• Educating developers and devops around the plan, policies and best practices 


• Supporting DevOps on building security automation and achieve scalability 


• Developing metrics for performance and risk monitoring 


• Stay up to date with the industry practices, tools and market trends 

- Lead security discussions with customers and engineers

- Lead incident handling related to the application

Qualifications

• Bachelor’s degree in Computer Science, Computer Engineering or related field, or 5+ years relevant work experience 


• 5+ years experience in Application-level vulnerability testing and auditing and Application security 


• 3+ years of experience and involvement with development team(s) that delivered commercial software or software-based services (development, QA testing, or security role) 


• You have excellent written and verbal communication skills and enjoy speaking with developers and other technology stakeholders to advocate for security best practices and provide technical guidance on the risk of vulnerabilities or misconfigurations


• Experience with the application of threat modeling or other risk identification techniques 


• Development experience in Java, C++ 


• Experience with scripting languages (e.g. python, ruby, bash) 


• Experience in Linux OS hardening (CentOS, RedHat preferred) 


• Hacking mindset. You make finding bugs/exploits your mission.  


• Analytical mind, flexible mindset, and result oriented  


• Strong problem-solving skills 


• At ease in an Agile environment 


• Ability to work in a dynamic, flexible and collaborative team 


• Fluent speaking and writing in English. French is a plus 

Would be a plus: 

• Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits 


• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) 


• Experience in micro-services architecture security 


• 1+ years relevant security analysis work experience (security consulting or penetration testing) 

Additional Information

This is an exceptional opportunity to join a fast-growing, successful and innovative company. Nexthink allows you to thrive in a unique work environment where the emphasis is on excellence, innovation, openness and collaboration.

Videos To Watch