Join our team as a Senior Web Application Security Engineer and subject matter expert advising our software and tech ops team on all matters related to IT & web application security. Work cross functionally to ensure all software products are secure. Analyze software design and implementations to identify and resolve security issues. Include the appropriate security analysis, defenses and countermeasures to result in robust and reliable software. Drive the secure software development lifecycle, developing innovative and efficient security subsystem components and tools.
Responsibilities:
- Software risk analysis, secure software design reviews, code audits.
- Security sub-system design and development.
- Using in-house and third party tools conduct Whitebox, blackbox application and communications security testing.
- Select, support, and direct use of static code analysis tools.
- Develop software lifecycle security standards and policies.
- Provide engineering designs for software solutions to help mitigate security vulnerabilities
- Ongoing education and research on emerging software technologies and security threats
- Integrate automated security testing (including both static and runtime) capabilities into an evolving CI/CD program.
- Define and implement software security programs for development and operations teams.
Position Requirements:
- BS in Computer Science or equivalent experience; an MS Computer Science is preferred
- 5+ years of experience as a software engineer and/or application security engineer working on and securing cloud based production applications in a Linux environment.
- 3+ years of experience scripting and programming in Python & Go
- Strong foundation in computer and network security including authentication protocols, security protocols and applied cryptography.
- Experience in threat modeling, risk analysis, security sub-system design and development, application and network security testing.
- Experience with vulnerability testing and code-level security audits.
- Experience with security of web based protocols and architectures including Service Oriented Architectures, HTTP, HTML and Javascript.
- Understand and integrate business and usability requirements and other non-technical considerations into security risk assessments and design recommendations.
- Deeply knowledgable of vulnerability classes on the OWASP Periodic Table
- Ability to think like a hacker and intruder
by via developer jobs - Stack Overflow
No comments:
Post a Comment