The Security Software Developer position provides individuals an opportunity to apply their skills in a dynamic work environment while developing well-rounded competencies in various products and services. As a member of the Product Development team, the Security Software Developer will work with internal team of software developers, testers, and product owners to improve and evangelize security practices, processes, and tools including development security, secure SDLC, security testing, secure coding standards. Develop and integrate security tooling and best practices in the secure SDLC and CI/CD pipeline. Over time, become an internal subject matter expert and provide consultancy and support to all development teams.

Primary Duties & Responsibilities

• Recommend secure design techniques to management to improve application security posture
• Improve and implement security tooling and practices into the secure SDLC and CI/CD pipeline
• Integrate automated testing tools (Static Application Security Testing SAST, Dynamic Application Security Testing DAST, and other technologies as necessary into the overall secure SDLC process
• Conduct security assessments on applications, APIs and platform
• Identify security vulnerabilities in applications written in VB, C#, and Javascript via design reviews, code reviews, and reverse engineering
• Perform or support penetration testing as required for new or updated applications
• Contribute to maturing process, policy, and standards guidance
• Develop training programs to support the necessary skills improvement with secure SDLC process
• Develop creative ways to support the development team's growth and learning around our standard
security processes
• Facilitate adoption of tools and standards through thoughtful change management strategies
• Produce self-serve resources and lead training events
• Design, integrate, and test a suite of tools for security management of multi-tenant cloud application
• Develop secure design patterns for cloud architectures developed in public or private cloud environments
• Work closely and collaborate with development, Products Security, and IT security team members
• Produce high quality software that is unit tested, code reviewed, and checked in regularly
• Identify, leverage, and successfully evangelize opportunities to improve security
• Learn new software tools and skills as needed
• Research emerging technologies and maintain awareness of current security risks
• Be able to visit and have calls with clients in order to gather requirements and gain understanding of
development requests
• Research and develop new ways to improve existing functionality
• Proactively analyze and bring forth ideas for continuous improvement
• Support and participate in the organization’s Continual Improvement Program to conform to ISO 9001
requirements by complying with the Quality Policy and procedures and meeting QMS objectives
• All employees have a professional duty to provide any information related to security issues, incidents or situations that present a potential security risk to the ISO Team, Management or their Supervisor

Requirements
2.1 Education and Training
• Bachelor’s degree in Computer Science or related field from an accredited university and/or equivalent
work experience
• C#.Net, HTML/CSS/JavaScript, and SQL development experience
• Web services development experience using REST, JSON, XML

Knowledge and Skills
• Strong understanding of OOP design, algorithms, and design patterns
• Understanding of software engineering practices
• Strong background in Agile development and secure SDLC
• Knowledge of application security risk assessment process
• Experience implementing tools that check for OWASP Top 10
• Experience with software security frameworks and maturity models (BSIMM, OpenSAMM, etc.)
• Strong understanding and ability to solve security issues like XSS, CSRF, SQL Injection, Brute Force
Attacks, Session Fixation, etc.
• Fluent in multiple scripting and programming languages
• Solid analytical and problem solving ability
• Experience with Version Control software (e.g. Azure DevOps)
• Experience with GDPR compliance is a plus
• Relevant cybersecurity certifications is a plus (e.g., GSSP-.NET, GWEB, GWAPT, GSEC)
• Self-starter with an aptitude for learning new technologies
• Excellent verbal and written communication skills
• Strong organizational skills and attention to detail
• Ability to work well in a fast-paced environment

_________________________________________________________________

For more information on this job: https://rekruiters.com/jobs/
Rekruiters has been named by business journals as one of the best places to work.
We offer benefits such as weekly pay, health insurance, 401k and even profit sharing to our consultants.
Corporate:
https://www.rekruiters.com – Main Site
@rekruiters.com – Twitter
https://www.facebook.com/rekruiters/ – Facebook
_________________________________________________________________

#5642

 

 

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!

Back