Network Security Engineer 2 - USP
Company: Horizontal Integration
Posted on: January 14, 2019
Network Security Engineer 2 - USP Description As a Secure Development Lifecycle (SDL) Engineer you will take an active role in a cross functional team, focused on determining requirements, architecture, design, and guiding the implementation of multiple product security assurance initiatives. You will plan, lead, and manage, and track the application and compliance of secure development lifecycle activities across our product portfolio. This is a challenging position working in a very fast paced environment, with the opportunity to work collaboratively with like professionals in the Product Security, Engineering, Marketing, Operations, Legal, Testing and Global Services functions, and to positively influence greater business outcomes. Essential Functions/Responsibilities The Secure Development Lifecycle Engineer coordinates Technology Groups during the product lifecycle, ensuring security checkpoints are understood and completed. The role involves working with others who have a varying level of understanding of product security and how it impacts their functions. A successful candidate will be able to relate secure development to all levels of experience from senior leadership to entry-level engineers. The job requires the handling of sensitive information and requires exceptional judgment to protect company and customer interests. Assist with other tasks as needed, including maintenance of internal development tools for Product Security Develop security satellites as leaders within individual product teams. Serve as a mentor for security satellites as well as junior engineers on the Product Security team. Provide recommendations on remediation approaches that strike the right balance across business deliverables. Ensure that projects adhere to efficient processes and initiate process and tooling improvements as needed. Keep management informed of key issues and changes which may impact expected business results. Identify and communicate project scope and ensure program milestones and objectives are met. Perform technical security assessments including threat modeling, attack surface analysis, security baseline analysis, security requirements/architectural review, code review, and final security reviews and recommendations. Coordinate with engineers, serve as a project lead, and/or recognized as an expert in secure design, development, and delivery. Continually working to improve application security through new and adjusted methodology and tooling. Define, commit, and track secure development lifecycle activities across the entire product development organization. Requirements: Job Requirements Excellent written and verbal communication skills. Experienced in most aspects of a Secure Development Lifecycle, including: code review, Software Composition Analysis, detecting and mitigating common weaknesses, static analysis, web app scanning, fuzzing, threat modeling, and architectural review Penetration testing experience is a desirable. Experience in storage (block/file/object), databases, or other distributed systems is highly desirable. Strong understanding of common networking protocols (e.g. TCP/IP, Ethernet, DNS, HTTP, TLS). Proven experience in working collaboratively and leading engineering teams in secure software development. Strong understanding of third-party and open source software integration and usage methodology. Minimum 2 years of software development experience in 2 or more of: C, C++, C# & Java. Must be well-versed in common security patterns and vulnerabilities in these languages. Development skills in one or more interpreted languages Knowledgeable in common software patterns, data structures & algorithms, and development methodologies. Proven ability to quickly pick-up new languages, frameworks, and codebases. Education A minimum of 4 years of experience is required. 5 to 7 years of experience is preferred. A Bachelor of Science Degree in Engineering or Computer Science, a Master Degree, or a PhD; or equivalent experience is required. Demonstrated ability to have led and completed multiple complex projects. OSCP is highly desirable #Red Zone #LI-RH1 Horizontal Integration is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law. In addition, Horizontal Integration will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact . All applicants applying must be legally authorized to work in the country of employment.
Keywords: Horizontal Integration, Durham , Network Security Engineer 2 - USP, Engineering , Durham, North Carolina
Didn't find what you're looking for? Search again!