Job Duties :
- Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities.
- Detects and mitigates security risks through manual and automated testing, responds to product security incidents, and works with customers regarding product security related issues.
- Designs and develops security features for products including systems, applications and/or solutions
- Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle.
- Provide training, education, awareness, and communication to development and engineering groups
- Leads or participates in security architecture and design review meetings.
- Participate in M&A due diligence and integration processes
- Design, develop, and implement software development policies, standards, procedures, and technical controls
Qualifications :
- Comprehensive knowledge of security vulnerability classes, such as those found in the OWASP Top 10.
- Experience working with tools that support a secure SDLC (CheckMarx, Fortify, ThreadFix, Acunetix, Burp Suite, etc)
- 7+ years' experience with security oriented engineering (Security Engineering, Security Champion as a developer, or security oriented feature development)
- 4+ years' experience software development experience, preferring Go, Python, and .Net
- Experience working with IaC and PaC
- Understanding of common cryptographic and authN/authZ standards (TLS, SAML, OAuth, etc)
- Experience working with a variety of development tools, languages, and environments, including .NET, Java, PHP, Node.js, Ember, SQL Server, and Amazon Web Services
- Experience performing peer code review
- Experience with agile software development processes and methodologies
- Working knowledge of source code repositories including Git
Preferred Qualifications :
- Experience in Security Engineering roles, in support of the SDLC
- Experience working within an AWS environment.
- Experience working with containers and orchestration (Kubernetes)
- Experience with fraud detection at scaleThe perks of working at the Org.
Monday, February 22, 2021
Senior App Security Engineer - Python/Golang (7-10 yrs) (Ryte4u Solutions)
