Senior Software Security Engineer

  •  

Boston, MA

Industry: Life Sciences & Research

  •  

Less than 5 years

Posted 280 days ago

This job is no longer available.

We are gobal leading information company with a rich heritage and a bold entrepreneurial mission. If you?re excited by the thought of helping people and organizations go from new ideas to life-changing innovations faster, we?re excited to consider you for a position with our client. Our Company are the trailblazers and risk takers who come up with life-changing ideas. We?re looking for our own trailblazers to help us keep providing clients some of the world?s most trusted brands, spanning scientific and academic research, patent analytics, pharmaceutical and biotech intelligence and IP management.

We are looking for someone who is motivated, driven, and passionate about information security and finding solutions to complex business challenges. If you join our client?s Information Security team, your mission will be to help us build and operate the product security program. You will have the exciting opportunity to work in many different areas of product security including software security, incident response, red teaming, and cloud security. We also highly encourage team members to be active in the information security community, sharing ideas and collaborating with peers.

Job Responsibilities:

?        Improve our client?s ability to write secure applications and services by designing, developing, and implementing secure software development practices

?        Work with product development and cloud operations teams to create and support our client?s Secure Software Development Lifecycle and DevSecOps practices

?        Work closely with and train product teams to perform threat modeling, secure product architecture design, static and dynamic code analysis, and application penetration testing

?        Work with customers to answer product security questionnaires and work with product management and support teams to ensure that customers? needs are addressed

?        Stay in touch with the security research community and monitor for product security incidents and participate in security incident response teams to contain, investigate, and prevent future incidents

?        Research emerging technologies and maintain awareness of current securityrisks in support of security enhancement and development efforts

?        Evangelize security throughout the company and drive changes needed to respond to emerging threats

?        Write and enforce information security policies, standards, guidelines and standard operating procedures

?        Participate in internal Red Team activities

Job Qualifications

?        Proven track record for delivering results

?        Advanced interpersonal and communication skills with the ability to collaborate effectively in a team environment and promote ideas at various levels of the organization

?        Strong self-directed work habits exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism and the ability to autonomously manage multiple concurrent projects

?        Advanced analytical and decision-making skills

?        Expert-level knowledge of web application vulnerabilities and ability to articulate their impact to business users

?        3-5years of hands-on technical experience designing, implementing, and supporting secure software development for cloud

?        2-3years of experience in application penetration testing

?        Experience with performing threat modeling and designing secure software architecture

?        Experience with creating and supporting a Secure Software Development Lifecycle

?        Experience with virtual patching and Web Application Firewalls

?        Experience with dynamic web application testing tools such as IBM AppScan, HP Web Inspect or Burp

?        Experience with static web application testing tools such as Fortify, Checkmarx or Veracode

?        Knowledge of Java, C, C++, PHP, JavaScript, Perl, Python, and Unix Shell Scripting

?        Knowledge of traditional and cloud architecture (AWS)

?        Bachelor?s degree (Master?s degree is ideal) in computer science or equivalent experience

?        CSSLP or SANS GIAC certification