Our focus is on quality! Solutions we produce are often expected to stand the test of time and to have excellent reliability and security. Our customers expect us to question suggestions and come up with a better solution if there is one. That means that we can spend more time in the initial development and in the end save money for our customers by not having to constantly patch bugs while keeping our developers happy by working on interesting problems.
Our team typically consists of people with a mix of interests such as:
If you join Truesec you will have colleagues that would argue that the year of the Linux desktop was 1991 and prefer terminals and clean C code, while others will comfortably navigate the latest Visual Studio preview or AWS interface. Quite often they are the same person.
Becoming a defender by thinking like an attacker
At Truesec we constantly try to break our own creations. Our software projects use mandatory code reviews, where the focus is always learning and improving and never one-upmanship or box-ticking. If the development process or current best practice can be improved, we embrace change, after a healthy discussion among colleagues.
Through the years we have developed strategies for secure development and reducing defects, both security-wise and in functionality. Security bugs are just like other bugs in the sense that the application should do what it is supposed to, and nothing more.
Modern software is complex, and it is easy to lose focus on what is important. We encourage using threat modeling at the appropriate detail level and prioritize risks based on the threat model.
We prefer to find vulnerabilities in the development stage and reducing attack surface over vulnerability patching and incident management.
Security as part of the software development lifecycle.
We develop and maintain distributed systems and mobile application components with very high-security requirements. We work with established standards, such as OWASP Application Security Verification Standard and CWE/SANS Top 25.
Not just yet another ticket to implement…
We are picky with the projects we choose to design and develop for. The longer-term project must be technically interesting and have high-security requirements so that we can perform our craft.
Not only do we help create state-of-the-art secure applications, but also review systems and increase the security level of existing applications. As a member of our development team it is possible to see and review a wide array of customer systems and implementations.
We most often do such assignments in pairs or more, making it possible for you to learn and teach technologies on the job both colleagues with different experiences and areas of expertise and from the customer's.
Let’s recruit together and find your next colleague.
Career site by Teamtailor