Vacancy expired!
One of our clients, major Healthcare Technology Company is looking for
Lead Security Engineer. Permanent FT role with great compensation, bonus, equity and benefits package.Location in Austin TX preferred, but could be anywhere in US.Currently 100% remote, but will be couple of days on-site in few months. Lead Security Engineer Looking for a Lead Security Engineer to help increase the security capabilities of our teams. Candidate will work closely with scrum teams, product managers, and engineering leadership to improve the quality and adoption of Security Development Job Responsibilities- Responsible for socializing and driving the execution of key security best practices across the R&D organization
- Contribute to enterprise security catalog of best practices, techniques and patterns to enable secure implementation of features in products/product families
- Instruct R&D engineers on using security tools (SAST, DAST, SCA) and presenting solutions to mitigate findings
- Identify and explain feature level design or architectural weaknesses which could result in security issues
- Work with key stakeholders including enterprise security leadership to track open issues and follow up to resolution
- Partner on resolution of identified security issues when appropriate
- Work with key stakeholders like DevOps, Infrastructure, et al to build security hardened tech stacks that are used for development and production
- Document, share, and help automate coverage for common abuse cases and attacks
- At least 3 years experience as a software developer and 3-5 years in a security focused development role in an agile development environment
- Experience in software and product design and architecture, product security, security issue prevention and mitigation strategies
- Strong knowledge of programming languages - Java, JavaScript (NodeJS), C#, Perl, Python, etc. In addition to ability to understand code we need an ability to understand security bugs in it.
- Knowledge of key security technologies like OAuth, SAML, etc.
- Solid understanding of the web services world including RESTful services, Service Bus architectures, JSON etc
- Experience with Static and Dynamic Code Analysis tools like Veracode, CheckMarx, AppSpider, HP Fortify, HP WebInspect, IBM AppScan, Coverity etc.
- Current knowledge of HIPAA, HITRUST, PCI-DSS requirements
- Bachelor's degree in Computer Science, Computer Engineering, Cyber Security or similar or equivalentexperience
Vacancy expired!