SoftServe
Senior/Lead DevSecOps Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About SoftServe
SoftServe is a global IT consulting and digital services company founded in 1993 in Lviv, Ukraine. With over 12,000 employees and headquarters in Austin, Texas, and Lviv, SoftServe has evolved from a small software development firm into a significant technology provider. The company specializes in delivering digital solutions and IT consulting services across various industries, including financial services, healthcare, media, retail, energy, manufacturing, and life sciences. Its offerings include digital engineering, data analytics, cloud services, artificial intelligence, machine learning, and Internet of Things solutions. SoftServe also emphasizes continuous learning through its corporate university, SoftServe University, which provides extensive IT training programs. SoftServe serves a diverse range of clients, including Fortune 500 companies, and is recognized for its commitment to quality and rapid delivery of software solutions. The company values corporate social responsibility and focuses on sustainable development, benefiting its associates and the communities it operates in.
Security at SoftServe
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“Stated AppSec Mission: "All applications and systems ... must go through the Enterprise Service Development Lifecycle (ESDLC)."Developer Enablement vs. Gatekeeping: "The 'security first' and 'zero trust' approach"Risk Philosophy: "SoftServe's IMS aims to balance risks against the cost of implementing controls."Stated Pain Points or Goals (Verbatim): "We will also work to reach and maintain the highest maturity level of our cyber defense operation center (CDOC)."Gaps & Contradictions: No public, verbatim statements found that explicitly describe AppSec as "developer-first,""paved road,"or "security sign-off". Information not publicly available.”
Security Team
Org Structure & Reporting Line: "The CISO, reporting directly to the CEO and serving on the Leadership Team"Key Public-Facing Leaders: Adriyan Pavlykevych, Chief Information Security Officer. Key Quote: "As CISO, I will further strengthen SoftServe's highly reliable and resilient IT ecosystem."Team Size Estimate (as_of:): Information not publicly available. Active AppSec Job Postings (as_of:): Count: 1 (example posting found) for Project Manager (Security). Common Skill/Tool Patterns (verbatim evidence): "Annual Independent Penetration Testing is conducted by an independent security service provider", "manual penetration testing", "dynamic application security testing". Gaps & Contradictions: No public, verbatim list of SAST/SCA/DAST vendor names used by the AppSec team. Information not publicly available.
Key Initiatives
Security Champions Program: Status: No Evidence Found. "Shift Left"in Practice (verbatim evidence): "According to the internal SDLC rules, the application needed to pass an independent third-party security audit."and "application source code analysis". Vulnerability Management Process (verbatim evidence): "Vulnerabilities in corporate services and products are tracked via the Vulnerability Management System."and "Operations managers coordinate the vulnerability-fixing process to comply with the corporate SLAs."Triage/Remediation SLAs/Ownership: Information not publicly available. Secure SDLC Artifacts (verbatim evidence): "Enterprise Service Development Lifecycle (ESDLC)", "Annual Independent Penetration Testing", "ISO/IEC 27001:2022". Recent Initiatives (Last 6 Months): No public, verbatim AppSec-specific program announcements located in the last six months. Gaps & Contradictions: No public, verbatim statements describing security champion program, SAST/SCA vendor tooling, AppSec team headcount, or SLA/MTTR targets for remediation.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.