Software Security Engineer Job Description

Job Description: Senior Software Security Engineer

The Senior Software Security Engineer is responsible for building a world-class program that embeds security into every aspect of the dev process.

Security is a core value at our company and safeguarding sensitive customer information is critical to our continued success. This position is responsible for building a world-class program that embeds security into every aspect of the development process, integrates automated security testing, and maintains an ongoing security training and certification process for staff members.

Responsibilities

• Build an industry-competitive domain security lead program to embed security expertise within each scrum team.
• Integrate automated security testing (including both static and runtime) capabilities into an evolving CI/CD program.
• Update, maintain, and deploy new training programs for new hires, annual certification, and expert-level developers (including brown bag lunch-and-learns).
• Develop and deliver consistent automated metrics covering 20+ aspects of the software security program.
• Develop and deliver internal events, including hackathons.
• Develop security-related aspects of the application asset inventory program.
• Maintain development standards, policies, and procedures.

Qualifications

• Excellent communication skills and organizational savvy.
• BS in Computer Science or similar technical field.
• 5+ years experience delivering application security programs.
• Expert understanding of production engineering with PHP and/or other popular technologies (development experience a must).
• Strong familiarity with multiple software security paradigms including MSSDL, BSIMM, and CSSLP.
• Conference presentation experience at major security events such as OWASP USA or Black Hat/DEFCON.
• Working knowledge of all vulnerability classes on the OWASP Periodic Table of Vulnerabilities.

The attached zip file includes:

• Intro Page.pdf
• SrSecuritySoftwareEngineer.doc