Job Description: Senior Software Security Engineer
Security is a core value at our company and safeguarding sensitive customer information is critical to our continued success. This position is responsible for building a world-class program that embeds security into every aspect of the development process, integrates automated security testing, and maintains an ongoing security training and certification process for staff members.
Responsibilities
- Build an industry-competitive domain security lead program to embed security expertise within each scrum team.
- Integrate automated security testing (including both static and runtime) capabilities into an evolving CI/CD program.
- Update, maintain, and deploy new training programs for new hires, annual certification, and expert-level developers (including brown bag lunch-and-learns).
- Develop and deliver consistent automated metrics covering 20+ aspects of the software security program.
- Develop and deliver internal events, including hackathons.
- Develop security-related aspects of the application asset inventory program.
- Maintain development standards, policies, and procedures.
Qualifications
- Excellent communication skills and organizational savvy.
- BS in Computer Science or similar technical field.
- 5+ years experience delivering application security programs.
- Expert understanding of production engineering with PHP and/or other popular technologies (development experience a must).
- Strong familiarity with multiple software security paradigms including MSSDL, BSIMM, and CSSLP.
- Conference presentation experience at major security events such as OWASP USA or Black Hat/DEFCON.
- Working knowledge of all vulnerability classes on the OWASP Periodic Table of Vulnerabilities.
The attached zip file includes:
- Intro Page.pdf
- SrSecuritySoftwareEngineer.doc