This is one of those things. I do security engineering but it has little to do with building systems or software. In this case what they mean is "engineering securely" but a security engineer in a security team will be engineering various security tools and content (endpoint security tools/content, threat intel platforms,SIEM,etc...) so literally engineering security controls. Not that I mind but the ambiguity might cause confusion.
If you're interested in learning how to develop secure software, I recommend checking out the free set of 3 courses from the Open Source Security Foundation (OpenSSF) on "Secure Software Development Fundamentals": https://openssf.org/training/courses/
They're hosted on edX. Like many edX courses, if you want to prove you learned the material you can pay to try to pass various tests and get a certificate, but you do not need to pay if you just want to learn the material.
Full disclosure: I'm the author. But hopefully you'll like it anyway :-).
Interesting...not heard of the openssf (I see they were only formed in 2020?).
Regarding secure software development, I've not seen many certs / exams covering the topic, so it's good you've developed those 3 courses. The only other cert I've seen is the CSSLP by (ISC)2:
10 comments
[ 4.3 ms ] story [ 38.2 ms ] threadNow if you really want to be in research and current attack/defense then you need to do your homework.
But all the foundations in this book will help you have a comprehensive picture of the landscape you're playing in.
They're hosted on edX. Like many edX courses, if you want to prove you learned the material you can pay to try to pass various tests and get a certificate, but you do not need to pay if you just want to learn the material.
Full disclosure: I'm the author. But hopefully you'll like it anyway :-).
Regarding secure software development, I've not seen many certs / exams covering the topic, so it's good you've developed those 3 courses. The only other cert I've seen is the CSSLP by (ISC)2:
https://www.isc2.org/Certifications/CSSLP
Can you comment on how they compare?
Not in order to make people experts, but eg security for the working web engineer?