Security Software Engineer

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED

• Bachelor's degree in a relevant technology field or equivalent combination of education and work experience.
• 8+ years of engineering or other IT/Security work experience relevant to the position.
• Five or more years of interdisciplinary experience in 4 or more of the following: Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, API Security, and Networking.
• Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders.
• Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
• Willingness to work in a highly-collaborative environment.
• Ability to effectively communicate with technical and non-technical stakeholders.
• Solid understanding of IT security best practices.
• Skilled in designing, implementing, and supporting complex technical solutions.
• Ability to troubleshoot complex operational issues.
• Extensive experience designing, developing, and implementing serverless solutions within AWS.
• Extensive development experience with different API capabilities.
• Experience in building and deploying Jenkins pipelines.
• Previous experience automating security controls within CI/CD pipelines a plus.
• Previous microservice development a plus.
• Previous experience in application vulnerability remediation a plus.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions for securing APIs.
• Acts as an internal consultant, advocate, mentor, and change agent. Viewed as an Information Security expert and critical technical resources across multiple technical areas and business segments.
• Partners with other groups to ensure solid, cross-functional decisions are made as a team.
• Maintains and demonstrates a strong understanding of enterprise systems, policies, standards, regulatory requirements, and business drivers.
• Represents Information Security at enterprise review meetings (ITAC, NPI Reviews, Production Readiness, etc.).
• Adheres to and promotes compliance to Information Security policies, standards and best practices.
• Leads process improvement and risk mitigation initiatives.
• Coaches and mentors more junior staff.

This position will perform the following functions:

• API Security Testing
• API Architecture
• API Design and Lifecycle management
• Work with other dev teams to integrate new security-focused API initatives and provide support to IT Teams through API integrations.
• Provide clear and concise documentation on delivered code as well as customer onboarding and support documentation
• Work collaboratively in an agile environment