We're a global team unified in a common purpose: creating advanced technology solutions to the world's water challenges. Developing new technologies that will improve the way water is used, conserved, and re-used in the future is central to our work. Our products and services move, treat, analyze, monitor and return water to the environment, in public utility, industrial, residential and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced analytics solutions for water, electric and gas utilities. In more than 150 countries, we have strong, long-standing relationships with customers who know us for our powerful combination of leading product brands and applications expertise with a strong focus on developing comprehensive, sustainable solutions. For more information, please visit us at www.xylem.com
If you are excited and passionate about helping us solve water, we want to hear from you!
The Role: As member of security technologies team, the Software Security Engineer is responsible for identifying and fixing vulnerabilities in software and applications on all Sensus products.. This position will work across software and firmware development teams to identify component and system level technical risks, identify and evaluate critical failure points, determine technical security controls to mitigate risks, prioritize and schedule controls with development timelines, and work with cross functional teams to implement features.
Champion the Sensus's product security SDLC. This includes security testing, penetration testing, and security bug fixes.
Perform vulnerability research, assessment and management , serve as technical security/risk advisor on all new technology/developed by Sensus
Perform threat modeling, static application security testing, code reviews, and secure design reviews for high risk applications.
Automate security testing using a variety of scripting and open source tools
Implement or manage the implementation of common application security controls, ensuring that practices meet software certification processes
Assist developers in remediating vulnerability findings by providing line-by-line guidance.
Provide training and education to developers on software security best practices.
Develop testing and auditing of Cloud computing, and Big Data platforms
BSCS or equivalent with 6+ year's experience
Security audit, Vulnerability assessment and packet analysis skills
Strong operating systems knowledge Windows (all flavors), Red Hat Linux, Solaris
Strong project planning and execution skills
A rigorous approach to analyzing and resolving complex technical problems
Good analytical and debugging skills; strong software aptitude and creative ability.
Scripting knowledge Linux scripting (bash), Windows scripting, Python or Perl
Database knowledge Postgres, MSSql, Oracle
Programming knowledge Java, C#
Good organizational skills.
Self-motivated; ability to work under general supervision; receptive and supportive of team efforts.
Expertise in either Cloud computing security and/or Big data security
Forensic analysis skills
CISSP, or another security certification
Excellent written & oral communication skills and coordination with peers, end-users, and management
(The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
(The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.
Standard weekly job hours: 40 hours
EOE including disability and veteran