The confidentiality, integrity, availability and accessibility of Intuit's data and systems are of paramount importance to our organization. The trust that our customers place in our ability to protect our critical assets and information is a top priority. Anticipating, managing, mitigating and eliminating both fraud and risk are at the forefront of Intuit's enterprise wide approach to planning for, preventing, detecting, responding to and recovering from insider threat.
The Principal Software Engineer for Intuit's Insider Threat Program is responsible for technologies and solutions to manage the risk to our organization that comes from people within the organization. These individuals could be employees, former employees, contractors, or business associates, or others with access to information about the organization's security practices, data and computer systems. It involves current or former employees, contractors and other business partners who have or had authorized access to the company's data, systems, tools, and technologies and have intentionally misused that access.
Insider breaches are among the costliest and hardest to detect of all data breaches. While organizations focus significant resources on the mitigation of external threat actors, insider risks are likely to pose an even greater financial and reputational threat to the enterprise.
To address the growing concern of insider threat, our team is focused on five key areas: preparation, protection, detection, response, and recovery. The Insider Threat Architect will have full responsibility for developing features, platforms, models and capabilities to proactively identify sources and patterns of insider threat/fraud.
Come join the Intuit Information Security team as a Principal Software Engineer. We are developing cutting edge Data Protection and Financial Fraud prevention services that are central to all Intuit offerings.
The Principal's success will be measured, among other things, by their ability to:
- Partner effectively to create the products, capabilities and infrastructure for systems to go live quickly and efficiently with disciplined execution and quality
- Launch the platform to protect our most sensitive data and consistently leverage next gen technologies and analytics tools and techniques to stay ahead of the fraudsters
- Capabilities will be developed by engineering teams across the company, so the ability to lead by influence is essential and collaboration is fundamental to success
- Be a thought leader and key contributor to detecting, preventing and mitigating insider threat
- Develop strong, collaborative, cross functional relationships with key stakeholders and work with cross-functional team members including Security, Anti-Fraud, Risk Operations, Incidence Response, Data Engineering and Sciences to identify potential sources of fraud, proactively monitor and triage latent and emerging fraud patterns, forecast fraud scenarios, and implement preventive mechanisms to mitigate the impact of fraud
- Make data driven recommendations and decisions; leverage advanced analytics to ingest and correlate output from a variety of tools (i.e. security, data access/movement, user behavior); provide analytics-based insights to help iterate on the product to make it more effective
- Keep abreast of fast moving developments, trends and technologies in IT across the tech sector, financial industry, government and academic. Provide perspective on leading industry trends, recommendations on new and emerging technologies, technology prototypes, patent proposals and engineering process improvements
- Evaluate third party tools and services and support for buy versus build decisions. Synthesize achievable solutions from diverse inputs, alternative sources including evaluation of third party tools and services and support for buy versus build decisions. (build / buy / partner)
- Provide technical leadership and be a role model to software engineers pursuing technical career path in engineering with a focus on cybersecurity and fraud prevention, coach and mentor other engineers in process and methodologies
- BS/MS in Computer Science or a related area
- 10+ years of experience developing systems/software for large business environments
- 5+ years of experience designing complex distributed systems, management products or business applications
- Solid design and coding skills (Java, J2EE, REST, JSON)
- AWS, Docker, Kubernetes, Stream processing, NoSQL (DynamoDB and other)
- Strong OOD and SOA principles, with the ability to implement them in a language of choice
- Strong experience leading design and implementation of robust and highly scalable web services
- Skilled in software development lifecycle processes. Experience with SCRUM, Agile and iterative approaches.
- Able to operate at highly varying levels of abstraction from business strategy to product strategy to high level technical design to detailed technical design to implementation
- Experience with frameworks like React, Spring, Hibernate
- Team player possessing strong analytical, problem solving and mentoring skills. Able to influence and communicate effectively with both technical and non-technical people
- Demonstrated ability to work with global teams across time zones
- Ability to work effectively in a fast paced, complex technical environment.
- Experience driving for results across cross-functional teams while maintaining effective working relationships
- Excellent communication skills. Communicates clearly, succinctly and persuasively to all levels of employees, customers and management (including executives)
- "Self-starter" attitude and the ability to make decisions independently