Sign In    |    Register
Company Info

Request Technology - Craig Johnson


Company Profile



Lead Software Security Engineer


col-narrow-left

Job ID:

4196371

Location:

San Luis Obispo, CA, United States

Category:

Information Technology, Telecommunications, Array

Salary:

$150,000.00 per year
col-narrow-right

Job Views:

1

Zip Code:

93401

Employment Type:

Full time

Posted:

08.12.2018
col-wide

Job Description:

*Permanent Full time role.*

Prestigious Fortune 500 Company is currently seeking a Lead Software Security Engineer. Candidate will engage in critical decisions involving risk, incident response, and security process improvements for the critical infrastructure.

Responsibilities:

Serve as the subject matter expert on application security and provide security consultation on internal projects focusing on business needs, security's role in change management, and how data is transmitted internally and to external customers
Participate in security audits, risk analysis, vulnerability testing and security reviews on many elements of our systems
Identify security issues and risks, and develop mitigation plans
Create meaningful metrics on the assessments that have been performed and be able to manage remediation efforts and communication ongoing status
Provide security review and guidance for projects driven by groups outside of Information Security
Responsible for a designated set of software tools and the security functionality of these as well as evaluating and recommending new and emerging security products and technologies
Participate in tier 2 and tier 3 security operations support, incident handling, and other ad hoc projects
Maintain and update relevant system and process documentation and develop ad-hoc reports as needed
Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment

Qualifications:

5+ years experience in application development (Java EE, Python, web APIs, and Linux Scripting) with some exposure to application security
Understanding of network protocols and hands-on experience in more than one of the following: Web Proxies, Web Application Firewalls, Web Application Vulnerability assessment tools such as Veracode and HP WebInspect
Working knowledge of Agile development processes and the SDLC
Strong knowledge of both UNIX and Windows operating systems
Strong understanding of web hosting platforms and web services
Working knowledge of remediation methods to address the OWASP Top 10
Understanding of enterprise computing environments, distributed applications, and container technology
Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills
Bachelor's Degree in Computer Science

Experience with some or all of the following: Packet analysis, Vulnerability analysis, Event Correlation, Forensics, pen-testing, reverse engineering, IOC, advanced threat detection, code analysis

Experience working in a team-oriented, collaborative environment and ability to present ideas in a user-friendly language

CEH, CISSP, CSSLP, OSCP or similar advanced security certification