Location: Portland, OR
We are looking for a skilled Software Security Engineer to analyze software designs and implementations from a security perspective, and to identify and resolve security issues. You will include the appropriate security analysis, defenses and countermeasures at each phase of the software development lifecycle, to result in robust, reliable and secure software. If this is the kind of position you’d be interested in - please send your resume to email@example.com. We value and encourage diversity in the workplace and women, minorities, and veterans are highly encouraged to apply. Thank you!
Job Type: FTE
In general, you will: perform application security assessments, including architecture review, threat modeling, code review and penetration testing, and assist and enable our software engineering teams to adopt and apply secure software development practices.
· Implement, test, and operate advanced software security techniques in compliance with technical reference architecture
· Perform on-going security testing and code review to improve software security
· Provide software development support in addressing identified security issues
· Provide engineering designs for new and existing software solutions to help mitigate security vulnerabilities
· Contribute to all levels of the architecture with respect to software security
· Maintain and review technical documentation relating to software security
· Consult team members on secure coding practices
· Develop a familiarity with emerging software security tools and best practices
· Perform application security assessments including architecture review, threat modeling, code review, and penetration testing
· Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
· Develop and direct Joint Interoperability Test Command (JITC) compliance verification procedures
· Develop and automate security tools.
· Maintain familiarity with industry standard software security certifications
· Work with engineering and product teams to drive security issues to resolution
***US Citizenship Required***
· Minimum 8 years of software development experience in a professional environment.
· Minimum 5 years of proven work experience as a software security engineer
· Detailed technical knowledge of techniques, standards and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities, and remediation
· Software development experience in C# and .Net
· Adequate knowledge of network/web related protocols
· Experience with security tools and technologies used throughout Secure Software Development Life Cycles
· Experience in providing Security Code reviews in languages such as C# and F#
· Experience in penetration testing and fuzz testing technologies and techniques
· Familiarity with addressing and remediating OWASP Top 10 security issues.
· Interest in all aspects of security research and development
· BS degree in Computer Science or related field, or equivalent related industry experience