Senior Security Software Engineer

The Consortium, Inc. Rockville , MD 20850

Posted 2 months ago

Apply

This Job is not relevant Tell us why

Description: Senior Security Software Engineer

Under limited supervision, the Senior Security Software Engineer assists engineering teams to identify and satisfy security requirements in their software throughout the software development lifecycle. They are responsible for equipping teams with the skills and tools required to perform threat modeling and identify/defend against common OWASP Top-10 vulnerabilities. This is accomplished via embedding engineering engagements wherein the security engineer participates in team SDLC activities and pairs up with developers and testers over multiple sprints.

Responsibilities

As a member of an Agile SCRUM team:

Identify and prioritize security requirements deficiencies via threat modeling

Design practical strategies to fully satisfy or partially compensate the associated risks of the identified threats

Develop a test plan to verify that security requirements have been satisfied, incorporating functional testing and commercial penetration testing tools

Automate security tests in Java using tools such as Selenium, REST Assured

Assist teams in incorporating security best practices into their sprint activities

Educate stakeholders in the engineering team to be able to perform the above activities

Design and develop engineering tools to solve common security engineering problems that development teams are facing

Education and Experience

Required:

Bachelors or Masters in Computer Science, Computer Engineering, or a related field

5+ years of cumulative experience in software development and/or test automation

Hands-on experience with object-oriented programming in Java (preferred), C#, or Ruby

Practical knowledge of modern software design patterns

Solid understanding of common security threats facing the software industry (OWASP Top-10)

Basic penetration testing experience using common tools (ex: Burp, Zap)

Firm grasp of common software development lifecycles (ex: Agile Scrum, TDD)

Demonstrated understanding and experience with object oriented design.

Demonstrated understanding and application of algorithms to test solutions.

Ability to communicate effectively with security novices

Firm grasp of SQL and relational database design

Preferred:

Experience developing in and securing Amazon Web Services applications

Show Full Description

See how you match
to the job

Upload my resume

Download the
LiveCareer app and find
your dream job anywhere

Similar Jobs

View All

Want to see jobs matched to your resume?
Upload One Now!

Senior Software Engineer

Zenimax Media, Inc.

Posted 3 days ago

VIEW JOBS Overview The Bethesda.net team is seeking a talented senior software engineer to contribute to the Bethesda Softworks Digital Publishing Platform. In this role you will focus on feature development that supports online game features, administrative tools, web, and mobile applications. You should have a strong focus on AWS Managed services to accelerate development. As a key member of this team you will have the opportunity to participate in architecture discussions, live support, and our continuous improvement processes. The ideal candidate will be curious and will explore ways to improve our scale, reliability, and efficiency, and learn and support new technologies, and propose new solutions that solve observed problems. Responsibilities * Guide the technical development of complex features under the direction of a Lead Software Engineer * Write clean, maintainable code that is scalable, reliable, and observable * Support systems in a 24x7 environment including troubleshooting, hot fixing, and root cause analysis * Actively provide code review and feedback for other developers * Learn new technologies and programming languages as needed * Ensure consistency with security policy standards and security plan * Understand and define infrastructure as code to support systems developed * Collaborate with other engineers and engineering teams to deliver high quality, complex systems this includes Ops Infra, Security, QA, NOC, and Game Developers * Coach and mentor engineers * Other duties as assigned Qualifications * 5 years of experience as a software engineer * Possess a strong technical background and deep knowledge of software engineering principles, exceptional problem solving, design, programming, and testing skills * Experience with version control systems (Github preferred) * Experience supporting live systems at very high scale * Customer focused design of APIs and integration requirements; make integration easy * Experience integrating online services * Good working knowledge of message brokers (Kinesis, NATS, SQS), Databases (DynamoDB, MongoDB) and caching technologies (Memcached/Redis) * Deep understanding of Golang or Python and how it operates under challenging conditions * The desire to learn new languages and technology * A pragmatic approach to providing engineering solutions that solve business needs * Excellent written and verbal skills Preferred Skills * Experienced in Golang * Experience building cloud infrastructure and operating live systems * Experience working in cross functional teams * Experience working with microservices architecture * Experience with RPC protocols including gRPC and jRPCTop of Form Applicant Privacy Notice CCPA Applicant Privacy Notice

Senior Network Security Engineer

Leidos Holdings Inc.

Posted 3 days ago

VIEW JOBS Description Job Description: Leidos is looking for a Senior Network Security Engineer to join our Corporate Information Security team in Corporate IT. The position can be supported from one of our following locations: Orlando FL, Reston VA, Gaithersburg - MD, or Remote Telework. As a senior engineer, you will join a team of other cybersecurity engineers and help design and implement the overall network security solutions for a large scale, IP-based corporate network. The Network Security Engineering team focuses on the design, development, deployment, and maintenance of the Leidos corporate network security environment and cloud-based its integrations. The workload is largely project-focused, and range from project lead assignments to individual task contributions. The senior engineer works autonomously within the scope of the projects or tasks, and report regularly on activities performed and milestones reached. The senior engineer will also identify areas of improvement and propose solutions to challenges within the organization. Additionally, there is a continual feedback and escalation support relationship with the Network Security Operations group. Finally, the senior engineer will also work closely with the other corporate information security groups in their efforts to maintain and enhance the company's security posture. Primary Responsibilities: * Work on a team of motivated network security engineers in designing, building and deploying network security capabilities for protecting Leidos core networks and information. * Technology area of responsibility include: next-generation firewalls, web content filtering, network tapping infrastructure, intrusion prevention systems, and any new products and services as assigned. * Participate in project lifecycle milestones, such as requirements reviews, implementation-level design documentation, and writing standard operating procedures. * Serve as a subject matter expert in at least one technology or service area offered by the Network Security Engineering team. * Work closely with engineering team members across infrastructure teams and outside vendors to ensure that features and capabilities are delivered on-schedule and operated according to corporate service level agreements. * Help develop network security technical roadmaps to drive constant cyber transformation and improvements in Leidos' defensive posture. * Describe complex issues or new ideas to large groups or leadership. * Work closely with the Cybersecurity Intelligence and Response Center Director to ensure network capabilities meet the requirements and needs of the CSIRT team. Required Qualifications: * Bachelor's Degree and 8-12 years of experience in an enterprise security or infrastructure engineering role. Additional years of relevant experience, training, and/or professional certifications will be considered in lieu of a degree. * US citizenship is required and eligible for federal security clearance * Experience designing, deploying and maintaining enterprise class firewall and web filtering solutions (additional experience, education or training may be considered). * Experience designing, deploying and maintaining enterprise class IDS/IPS solutions * Experience designing, deploying and maintaining enterprise class network tapping and packet acquisition services. * Strong knowledge of the OSI 7-layer model, including common application layer details. * Demonstrated effective communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties. * Experience with common enterprise firewall vendors such as Check Point, Palo Alto, Juniper or Cisco FirePower. * Ability to write and verbally communicate technical and risk-related concepts effectively to both technical and non-technical audiences. * Strong problem-solving and analytical skills * Demonstrate poise and ability to act calmly and competently when encountering technical and non-technical challenges. * Ability to obtain security clearance. Preferred Qualifications: * Experience with a firewall policy management tool such as Tufin, Algosec or Firemon. * Experience in system administration (Windows or Linux). * Experience in programing and/or scripting. External Referral Bonus: Eligible Potential for Telework: Yes, 100% Clearance Level Required: None Travel: Yes, 10% of the time Scheduled Weekly Hours: 40 Shift: Day Requisition Category: Professional Job Family: Security Architecture and Engineering Pay Range: About Leidos Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately $11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com. Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here. Securing Your Data Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected]. Commitment to Diversity All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Data Security Engineer

Zenimax Media, Inc.

Posted 3 days ago

VIEW JOBS Overview Bethesda.net is looking for a world class Data Security Engineer to join a highly skilled team of senior security professionals responsible for security of AAA titles, digital platforms, and data in live and studio development environments. The ideal candidate has a proven record detecting, discovering, and protecting sensitive information; monitoring and detecting exfiltration through egress points; and in-depth coordination with technical personnel across various internal organizations. Prior game experience and an ability to understand the unique challenges facing the industry are a definite bonus. Responsibilities * Research new products, services, systems, and techniques to improve existing security of Zenimax data security program * Support and validate the discovery of sensitive information residing within data repositories (e.g., GitHub, network drives, databases) across the organization * Ensure compliance with applicable regulations and security policies * Provide visibility and improved response readiness across all vulnerability management capabilities * Provide guidance and engineering assistance to junior security engineers * Provide technical expertise in protecting the sensitive information from inadvertent disclosure and exfiltration while at rest, while on an endpoint, and while in motion * Keep up with security trends in the video game industry and in the technology sector in general * Occasional travel may be required (less than 10%) Qualifications * 3+ years security engineering experience * Proven experience planning, deploying, managing, and maintaining data security/ DLP tools and programs * Strong engineering skills with attention to detail * Strong troubleshooting skills * Knowledgeable in both network- and host threat and vulnerability vectors * Ability to multi-task and thrive in a fast-paced environment * Passionate about a wide range of gaming and technology/digital trends * Excellent verbal, written, and interpersonal skills Preferred Skills * Experience with engineering projects that affect a very large user base * Experience shipping a software product * Previous game industry experience * Certifications in one or more of the following: CCNA, CCNP, GSEC, CEH, CCSP, CISSP, CISA, or Security+ Applicant Privacy Notice CCPA Applicant Privacy Notice

Apply