Description
Sr. Security Product Engineer
Summary
Responsible contributing to and supporting security technology solutions with emphasis on secure software development life cycle, security testing and security tools. This individual must be able to work well with teams across internal groups and with vendors to create secure solutions. This individual must have experience in design, coding and tools.
This role includes contributing to development efforts on various products including writing detailed design requirements, user stories, specifications, product security guidelines, and more. The ideal candidate must have coding experience in C, C++, C#, Java, JavaScript, HTML5, PHP or other common programming languages as well as experience leading code reviews. The ideal candidate must have a good knowledge of Linux and some knowledge of other OS environments.
This Security Engineer will support daily execution of development, integration, test and possibly operations.
Core Responsibilities
- Uses advanced engineering skills and knowledge to solve complex development problems and achieve engineering goals.
- Applies security architecture, design and specifications through development, integration and testing at detailed levels
- Works with security leaders to develop solutions and tools to mitigate potential security issues
- Works from policies, guidelines and strawman documents to develop detailed engineering solutions with the product, development and integration teams
- Guides development teams to engineer security into early phases of the SDLC
- Must be able to lead security code review efforts
- Presents issues with clear remediation path and impacts
- Reviewer of vulnerabilities, failures and compromises
- Provide regular reporting on projects and initiatives
- Mentors team members.
- Consistent exercise of independent judgment and discretion in matters of significance.
- Regular, consistent and punctual attendance.
- Other duties and responsibilities as assigned.
Skills and Experience:
- 7 - 11 years experience
- 5+ years experience with software development life cycles
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Poise and ability to act calmly and competently in high-pressure, high-stress situations
- Enjoys working in a demanding, and a very dynamic environment
- Good natured and positive with people and a team player
- Must have strong problem-solving skills
- Ability to manage multiple projects with strict timelines
- Technology detail oriented to handle complex products, systems and networks
- High level of personal integrity
- Ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- High degree of initiative and be well organized
Certifications
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), Other software development life cycle certifications
Education Level
Bachelors Degree or Equivalent
Field of Study
Engineering, Computer Science, or other related major