Lead Software Security Engineer

col-narrow-left
Job ID:
2499276
Location:
San Luis Obispo, CA
Category:
Information Technology, Telecommunications, Array
Salary:
$150,000.00 per year
Zip Code:
93401
Employment Type:
Full time
Posted:
08.09.2018
col-narrow-right
col-wide

Job Description:

Lead Software Security Engineer
San Luis Obispo, CA
$140-150K +Bonus

Prestigious Fortune 500 Company is seeking a Software Security Engineer with strong experience in application development and some experience in application security.

What you'll bring:

  • At least 5 years' experience in application development (Java EE, Python, web APIs, and Linux Scripting) with some exposure to application security
  • Understanding of network protocols and hands-on experience in more than one of the following: Web Proxies, Web Application Firewalls, Web Application Vulnerability assessment tools such as Veracode and HP WebInspect
  • Working knowledge of Agile development processes and the SDLC
  • Strong knowledge of both UNIX and Windows operating systems
  • Strong understanding of web hosting platforms and web services
  • Working knowledge of remediation methods to address the OWASP Top 10
  • Understanding of enterprise computing environments, distributed applications, and container technology
  • Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills
  • Bachelor's Degree in Computer Science or related field and

We'd love to see:

  • Experience with some or all of the following: Packet analysis, Vulnerability analysis, Event Correlation, Forensics, pen-testing, reverse engineering, IOC, advanced threat detection, code analysis
  • Experience working in a team-oriented, collaborative environment and ability to present ideas in a user-friendly language
  • Ability to absorb and retain information quickly
  • Highly self-motivated and directed with an attention to detail
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Have a strong desire to learn and grow professionally
  • Any of the following certifications are desired: CEH, CISSP, CSSLP, OSCP or similar advanced security certification

Impact you'll make:

  • Demonstrate a high level of analytical and problem-solving capability along with the ability to articulate the decision process to multiple management levels as it relates to both business and technical roles
  • Engage in critical decisions involving risk, incident response, and security process improvements in critical infrastructure that require unwavering integrity and moral character
  • Serve as the subject matter expert on application security and provide security consultation on internal projects focusing on business needs, security's role in change management, and how data is transmitted internally and to external customers
  • Participate in security audits, risk analysis, vulnerability testing and security reviews on many elements of our systems
  • Identify security issues and risks, and develop mitigation plans
  • Create meaningful metrics on the assessments that have been performed and be able to manage remediation efforts and communication ongoing status
  • Provide security review and guidance for projects driven by groups outside of Information Security
  • Responsible for a designated set of software tools and the security functionality of these as well as evaluating and recommending new and emerging security products and technologies
  • Participate in tier 2 and tier 3 security operations support, incident handling, and other ad hoc projects
  • Maintain and update relevant system and process documentation and develop ad-hoc reports as needed
  • Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment
Company Info
Request Technology - Anthony Honquest