Senior Information Security Engineer in Portland, OR

$150K - $200K(Ladders Estimates)

Akamai Technologies   •  

Portland, OR 97201

Industry: Information Technology

  •  

8 - 10 years

Posted 37 days ago

About the Job

We are looking for a person with expert knowledge of secure software development processes and cloud security to help us ensure we design, build and maintain solid security controls for our identity cloud services. You will lead, do, teach and grow with us as we create a safer identity experience for all.

About the Team

We are responsible for safeguarding the security of Akamai's Identity Cloud services and provide internal advocacy for security practices. We work closely with product development and platform teams to help ensure that Akamai systems lead by example for safety and security compliance needs of our customers and the public.

Responsibilities:

  • Act as an Information Security stakeholder and collaborate with technical leads (Architects, Software Engineers, DevOps), product managers and third-party vendors to integrate and automate security controls and compliance proofing into the SDLC and DevOps processes
  • Guide and perform security activities, including risk assessments, application vulnerability testing, code review, static and dynamic code testing, and penetration testing of web applications
  • Oversee, prioritize and review internal and external security scans and assessment results; provide remediation guidance, retesting, exploit reproduction and help reduce false positives
  • Promote and train security program fundamentals and processes
  • Collaborate on technology projects, providing security reviews and remediation recommendations based on industry standards; document processes, procedures, findings and remediation recommendations



Required Education and Experience

Applicants must meet one of the following education and experience requirements:

  • 8 years of relevant experience and a Bachelor's degree or equivalent professional experience

Required Skills:

  • 4+ years of experience in information security
  • 3+ years of experience with secure application development and testing processes
  • 3+ years of experience with securing cloud technologies

Desired Skills:

  • CISSP, GPEN, GWAPT, OSCP or similar certification
  • Knowledge of and experience with commercial and open source application security tools (e.g., Burp Suite, OWASP Zap, Arachni, BlackDuck, Kali Linux, Metasploit framework, Wireshark)
  • In-depth technical knowledge of techniques, standards and security for authentication, authorization, cloud, and web-related technologies (such as browsers, web applications, APIs,services, architectures etc.)
  • Knowledge and experience in application technology security testing, including white box, black box, and code review
  • Experience with automation scripting and automated testing tools
  • Working knowledge of a variety of programming languages, with an emphasis on Go, Python, JavaScript and the ability to write code independently in select languages
  • Experience with the application of security frameworks and regulatory standards such as ISO, NIST, OWASP, GDPR...etc
  • Able to articulate, plan, implement and manage software security best practices
  • Possesses an insatiable hunger to understand limits, possibilities, opportunities, and reasons
  • Is direct and indirect by turns; derives glee and satisfaction from relevant discovery, but is always ready to meet colleagues where they are to accompany them on their journey. Enjoys both order and chaos
  • Situational fluency, ability to influence and motivate others, and perseverance to bridge challenging business and technical situations
  • Passionate appetite for on-going challenges and interest in continuously learning


Valid Through: 2019-11-11