Building the next-generation grocery e-commerce suite that is changing the way the world shops.
At Ocado Technology, we are an ambitious global company completely transforming the way the world shops with our cutting-edge AI, ML and robotic technology. With our retail partners spanning the globe, there is a huge amount of growth and opportunity.
The e-commerce stream plays a key role in offering frictionless, convenient, and hyper-personalised shopping experiences for millions of global users across multiple platforms, in different regions, languages, currencies, and more.
Based in our Barcelona office in the heart of the 22@ hub, this amazing community of 27+ nationalities offers an unparalleled culture focused on growth and learning.
Get to know us:
Role & Responsibilities
This role involves supporting teams of software engineers including security practices to their SDLC and maintaining the AppSec tooling integrations.
The roles and responsibilities performed by the AppSec team are:
- Working with teams to provide them with help and guidance on addressing cybersecurity threats
- Conducting threat modelling sessions and training teams on how to run them
- Participating in security issue management processes
- Assisting engineering teams with organising penetration testing by dedicated pentest partners
- Educating and supporting teams perform their security code reviews
- Oversee in-stream use of vulnerability detection and reporting tools
- Auditing, providing teams with feedback and guidance about their security activities (threat modelling, code reviews, SDLC practices)
- Keep updated the SDLC security guidelines
- Research security best practices in other organisations
- Keeping abreast of new vulnerabilities and attack vectors, and associated countermeasures
- Contributing to the centralised AppSec tooling
- Integrations with the security issue management system
- Security monitoring and alerting
- Security reporting
- Static and dynamic analysis
You may be asked to perform tasks as required by management deemed as a reasonable request. This job description is a summary of the typical functions of the role, not an exhaustive or comprehensive list of possible role responsibilities, tasks and duties and is subject to review. The responsibilities, tasks and duties of the job holder might differ from those outlined in the job description and other duties, as assigned, might form part of the job.
Knowledge, Skills and Experience
- Strong interest in application security
- Demonstrable programming ability with an in-depth understanding of underpinning techniques
- Experience in the full Software Development life-cycle from design to deployment
- Ability to work in a geographically dispersed team
- Strong communication skills and ability to influence engineering behaviours
- Interest in continuous learning
- Experience as an Application Security Engineer
- Knowledge of backend and frontend web application vulnerabilities
- Knowledge of cloud environments
- Knowledge of Agile methodologies
- Proven ability to tackle challenging projects
A relaxed, international, talented, creative and friendly environment, where we will provide you with the best tools to develop amazing stuff. We invest in our employees, ensuring we provide them with the best in-house and external training programs available. We also really encourage people to attend conferences and be involved in the local developer community.
- Flexible working hours with short Fridays
- Reduced hours in August
- Private Health Insurance
- Life Insurance
- Ticket Restaurant
- Ticket Transport
- Ticket Kindergarten
- Flexible WFH policy
- Share-saving scheme
- Gym membership discounts
- Fresh fruit, snacks, tea and coffee
- Monthly social events
- Safari Books - O’Reilly account
- Table football, board games and Nintendo Switch
- Tech Talks and internal trainings
- Developer exchange programmes between centres
- English, Spanish and Catalan language courses
We are growing rapidly, making it a very exciting time to join, as we are currently at a brand new office in the 22@ district - the thrilling tech area of Barcelona.
Ocado is an equal opportunities employer and as such makes every effort to ensure that all potential employees are treated fairly and equally, regardless of their sex, sexual orientation, marital status, race, colour, nationality, ethnic or national origin, religion, age, disability or union membership status.