Key skills
AWSAzureCloudGoogle Cloud PlatformJavaJavaScriptPythonSDLC.NETC#CGCPGoogle CloudCollaborationOWASP
About this role
Role Overview
- Collaborate with product engineers and product teams to gather requirements, provide expert consultation on securing the entire SDLC process
- Identify architectural flaws and security concerns in application designs early in the SDLC process
- Threat Model and design security controls and mitigations in collaboration with product engineering teams
- Verify/validate secure code interactions with other dependent and integrated services/systems
- Ensure testing automation addresses security goals and concerns
- Review and verify identified/reported vulnerabilities, perform root cause analysis, and partner with developers to drive corrections
- Stay up-to-date with emerging security threats, trends, and new technologies to continuously improve the security posture of our code and shared development resources
- Contribute to technical requirements, architecture, and interface design documents and educational resources
Requirements
- BS/BA degree or equivalent in relevant coding experience
- 5+ years of overall experience in Application Development, with at least 2 years focused in the Product Application Security discipline
- Experience in designing, implementing, and maintaining secure software system
- Experience with C# and .NET Framework/Core
- Fluent in one or more other programming languages relevant to the organization (e.g., Python, Java, JavaScript)
- Experience with common security vulnerabilities (e.g. OWASP Top 10 and API Security Top 10) and their mitigations/remediations
- Experience with development and build pipelines and associate best practices
- Experience performing threat modeling and security analysis of application components
- Experience in secure source code audit/analysis and reporting
- Experience with static and dynamic analysis tools, including vulnerability scanning suites
- Experience in application security within cloud environments (e.g. AWS, Azure, GCP)
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Java
- JavaScript
- Python
- SDLC
- .NET
Benefits
- Paid Time Off: earned time off, as well as paid company holidays based on region
- Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
- Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
- Retirement Plans: select retirement and pension programs with potential for employer contributions
- Learning and Development: options for coaching, online courses and education reimbursements
- Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events