Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.

Information Security Software Engineer

Eingestellt von CompuCom

Gesuchte Skills: Engineer, Java, Engineering, Pmo

Projektbeschreibung

INFORMATION SECURITY SOFTWARE ENGINEER FOSTER CITY

Did you know that CompuCom's employee benefits start on the first day of employment? Join CompuCom and enjoy our generous, Day One Benefits!

We are seeking a INFORMATION SECURITY SOFTWARE ENGINEER who will help drive the successful adoption of Secure Software Development Lifecycle practices across product development teams and help build foundational application security capabilities.

RESPONSIBILITIES

- Help define consistent Secure Software Development Lifecycle practices for all technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security
- Ensure end-to-end security of products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
- Improve secure coding practices, application security requirements, automation, training, and metrics.
- Integrate threat modelling practices into the Software Development Lifecycle.
- Help build secure products and standards around emerging technologies and fields lacking existing standards and security practices
- Build strong cross-organizational relationships and effectively influencing staff across the IT organization and broader enterprise
- Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.
- Collaborate with product and solution teams to achieve Global Information Security software security program objectives.
- Help to define simplified security metrics approach that enables executive leaders, line leaders, and operational staff to quickly take action on application security related risks.
- Manage cross-functional internal and external team collaboration, evangelization, and communications.
- Develop and optimize processes to improve software development efficiency in the consumption of security development practices.
- Maintain active understanding of industry practices for secure software development and incident response.

QUALIFICATIONS

- Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree preferred.
- Hands on experience with one or more of the following programming languages: C#, Java, JavaScript, Objective C, C, C++ and Ruby; Experience in building ENTERPRISE web applications preferred
- MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
- Experience and ability to perform architectural risk assessment (ARA) at all phases of SDLC, as and when required
- EXPERTISE in performing TOP down risk analysis and threat modelling of web applications and frameworks
- Excellent understanding of web applications, web Servers, layer 7application technologies, frameworks and protocols with respect to application development and deployment
- Well versed in web application design, penetration testing, application risk assessment and risk categorization
- Operational knowledge of secure software development life cycle principles from training and requirements gathering to post-implementation operations support.
- Well versed (experience preferred) with driving and implementing secure development practices in to SDLC (SSDLC); ability to successfully integrate security into a developers world
- Success in implementing effective Secure SDLC frameworks across a large corporation.
- platforms, SDK s and interaction with application layer PREFERRED
- Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
- Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Deep knowledge of/experience with the following:
- Agile SDLC processes and PMO reengineering
- Enterprise and application architecture
- SAST, DAST and fuzz testing tools
- Highly effective communicator; well honed influencing and negotiating skills
- Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
- Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams
- Demonstrated leadership qualities, flexibility, adaptability to changes in roles and responsibility as required.
- 4 to 7 years in technology, information security, and/or application development.
- Excellent operational skills; quality and results oriented
- Strategic thinker; visionary; innovative
- Strong client service orientation
- Bi/multi-lingual a plus

MUST HAVE SKILLS:

- Hands on experience with one or more of the following programming languages: C#, Java, JavaScript, Objective C, C, C++ and Ruby;
- Experience in building ENTERPRISE web applications preferred.
- MUST have deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies.
- EXPERTISE in performing TOP down risk analysis and threat modelling of web applications and frameworks.
- 4 to 7 years in technology, information security, and/or application development.

NICE TO HAVE SKILLS:

- Platforms
- SDK's and interaction with application layer.

*CompuCom supports Employment Equity and Diversity* CompuCom, the leading IT outsourcing specialist, delivers IT your way. Our clients like working with us because they know that, with CompuCom, it's all about you. Our unique ITSM strategy blends your data center, network, voice, and end user computing environments in an innovative fashion. This radically simplifies your IT, allowing you to focus on growing your business and serving your customers. We are highly regarded by worldwide and regional organizations alike for our pragmatic approach, best practices, and highly skilled workforce. This balance provides the perfect alternative to address the evolving challenges facing you, today and in the future. More than a trusted advisor, CompuCom is your trusted doer.

Projektdetails

  • Einsatzort:

    California, Vereinigte Staaten

  • Projektbeginn:

    asap

  • Projektdauer:

    Keine Angabe

  • Vertragsart:

    Contract

  • Berufserfahrung:

    Keine Angabe

Geforderte Qualifikationen

CompuCom