Software Engineer 4- Security

Job Description

Overall Summary:

Our client is looking for someone who will bring their expertise of application and system security to work together with platform teams to apply industry’s best practices to our client’s systems and architecture. You will be analyzing system services, operating systems, networks, and applications from a security perspective. You will also be analyzing threats and externally reported bugs to help the engineering teams address them.

Your responsibilities will include:

  • Application security reviews
  • Secure architecture design
  • Threat modeling
  • Projects and research work as needed
  • Security training and outreach to internal development teams
  • Security guidance documentation
  • Security tool development
  • Security metrics delivery and improvements

A successful candidate will have experience working through ambiguity, helping define security requirements with managers, engineers, and incorporating customer feedback. As well as identifying potential problems before they become real problems.

Basic Qualification:

  • MS in Computer Science or related field, or equivalent work experience
  • 3+ years of experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, JavaScript, Go, TypeScript
  • 5+ years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, and application security
  • Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security Preferred Qualification
  • Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Security+ Certification
  • Experience implementing security solutions at the product/service level · An understanding of web services
  • Familiarity with common mitigating controls and their implementation
  • Working knowledge of application security assessment and applicable review methodologies
  • Solid familiarity of prevalent security threats and how they apply to the business
  • Experience with frameworks that assist the delivery of security solutions at scale