We are looking for a Security Software Developer to join our client’s application security team. Under the supervision of the Application Security Manager, the Security Software Engineer is responsible for leading and implementing application security for our software and systems as part of a dedicated team of application security developers and engineers. You will have the opportunity to have a significant impact on the security of our systems and business.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
- Must be technically strong and assertive, capable of providing innovative ideas and driving complex solutions.
- Collaborate with infrastructure engineers, software developers, product owners, architects, and other members of a development team to understand business, technical requirements, and impact.
- Responsible for enterprise wide application security and development of modern security practices.
- Perform treat modeling and for applications, systems, and resources.
- Create and update policies and procedures for application security.
- Provide 24×7 on-call support for security incidents in a rotation with other team members
- Perform as a technical lead on projects and products as assigned
- Train other developers in defensive coding
- Strong communication, facilitation, and problem-solving skills.
- In-depth knowledge of security best practices for applications and software development.
- Working understanding the SDLC and Agile.
- Working understanding of network security.
- Working understanding of enterprise security.
- Experience with application level penetration testing and remediation.
- Experience leading software development projects and/or teams.
Knowledge, Skills, and Abilities
- 8+ Years of experience with .Net and C#
- 5+ Years of Experience with systems regulated by compliance (PCI, GDPR, NIST, etc.).
- 5+ Years of Experience with microservices and APIs
- 5+ Years of Experience with critical secure systems (authentication, payment, encryption, key management, etc.).
- 3+ Years of Experience with SQL databases, including Oracle and Microsoft SQL
- 3+ Years of Experience with e-commerce systems, including payment processing
- Team player that is also self-motivated
- CEH, CISSP, GISP, CSSLP, GSSP-JAVA, GWEB, GSSP-.NET, Security+ certifications are a plus.
- Broad knowledge of enterprise software engineering and infrastructure concepts and best practices.
- Experience in application-level penetration testing.
- In-depth knowledge of authentication protocols, standards, and formats (OAuth, OAuth 2, JWT, OpenID, SSO, Asymmetrical cryptography, etc.).
- Good relationship management and collaboration skills.
- WFH (5 days).
- Medical Insurance.
- Corporate Pluralsight, Udemy account.
- Flexible Time.
- Tech Talks.
- Career Path.
- Recreational Company Activities.
- High-end equipment (Lenovo laptop, dual monitor).
- Social Program (HitCommunity).
- Company Awards.
- Much more…
Are you curious?