Job Description
Location: Fully remote
Position Type: Full Time
Summary:
- We are looking for a skilled Software Security Engineer to become part of our growing team.
- You will analyze the Client digital signature and remote online notarization platform code and implementation from a security perspective, and then implement preventative and counter-measures at each phase of the software development lifecycle.
- You will also assist in identifying and troubleshooting security-related bugs as soon as they arise.
Responsibilities
- Implement, test and facilitate advanced software security techniques in compliance with key industry best practices (ie. OWASP, SANS)
- Manage existing Veracode implementation to perform on-going security testing and static/dynamic code review to improve software security
- Troubleshoot and debug issues that arise
- Provide engineering designs for new software solutions to help mitigate security vulnerabilities
- Maintain technical documentation
- Work with team members to ensure secure coding practices through collaboration and education/training
- Perform security event triage and initial incident response to detected threats
- Develop, execute and track the performance of security measures to protect client information.
- Assist in design of software security strategy and engineer comprehensive cyberSecurity Architecture, including implementation of, and help in updating and enforcing, company's information security policy
- Identify, define and document system security requirements and recommend solutions to management.
- Monitor systems for irregular behavior and set up preventive measures.
Requirements and Skills
- 3-5 years' experience in the cybersecurity industry
- Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation (OWASP, SANS, threat modeling, etc.)
- Software development experience in Java, Wildfly, JWT as well as experience using tools such as Bitbucket (Git), Jenkins, Jira and Confluence
- Experience with web related technologies (Web applications, Web Services and Service Oriented Architectures), AWS and network/web/authentication related protocols (SAML, JWT, OAuth 2.0)
- Background using code scanning tools
- A deep interest in following the latest industry updates in software security along with tactics for implementing them
- Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan
- Excellent organizational and communication skills
- Ability to work efficiently and self-motivate with little to no supervision
- BS degree in Computer Science or related field.
Must-haves:
- Java programming
- AWS
- Certifications in code security, vulnerabilities and mitigation techniques
- CISSP, CEH, CASP+
- Veracode / SAST-DAST toolset use and application
Salary : 150k