Sr Security Engineer, Corporate Services Security

About The Position

Requirements

• 5+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience
• 5+ years of work in identifying security issues and risks, and developing mitigation plans experience
• 5+ years of (non-internship) scripting, programming, and security code review in common programming languages experience
• Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go
• Experience as a mentor, tech lead or leading an engineering team

Nice To Haves

• Experience applying threat modeling or other risk identification techniques or equivalent
• Experience with security in service-oriented architectures/microservices and web services

Responsibilities

• Creating, updating, and maintaining threat models for a wide variety of web applications hosted on cloud
• Manual and Automated Secure Code Review, primarily in Java, Python and Javascript
• Development of security automation tools
• Adversarial security analysis using the latest tools to augment manual effort
• Provide Security training and outreach for internal development teams
• Provide Security architecture and design guidance to application development teams
• Independently solve systemic, complex security problems that require novel methods or approaches
• Influence your team’s and partners’ process, priorities, strategy and choices by using data to improve security outcomes
• Provide technical and strategic guidance to senior leaders and stakeholders through effective oral and written communications

Benefits

• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave