the smart solution for Durham jobs

Secure Development Engineer

Company: NetApp
Location: Durham
Posted on: April 18, 2019

Job Description:

Are you data-driven? We at NetApp believe in the transformative power of data - to expand customer touchpoints, to foster greater innovation, and to optimize operations. We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice. We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.

We've built a Data Fabric for a data-driven world - to simplify and integrate data management across the resources that are best for the business. With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.

By modernizing storage through data management, customers can upgrade infrastructure to bring modern data services to existing applications. Only NetApp can help organizations free the resources necessary to fund transformation by deploying the industry's leading flash storage solution, which is highly efficient and scalable in both data center and cloud environments.

Job Summary

As a Secure Development Lifecycle (SDL) Engineer you will take an active role in a cross functional team, focused on determining requirements, architecture, design, and guiding the implementation of multiple product security assurance initiatives. You will plan, lead, and manage, and track the application and compliance of secure development lifecycle activities across NetApp's product portfolio. This is a challenging position working in a very fast paced environment, with the opportunity to work collaboratively with like professionals in the Product Security, Engineering, Marketing, Operations, Legal, Testing and Global Services functions, and to positively influence greater business outcomes.

Job Requirements

Essential Functions/Responsibilities

The Secure Development Lifecycle Engineer coordinates NetApp Technology Groups during the product lifecycle, ensuring security checkpoints are understood and completed. The role involves working with others who have a varying level of understanding of product security and how it impacts their functions. A successful candidate will be able to relate secure development to all levels of experience from senior leadership to entry-level engineers. The job requires the handling of sensitive information and requires exceptional judgment to protect company and customer interests.

* Define, commit, and track secure development lifecycle activities across the entire product development organization.
* Continually working to improve application security through new and adjusted methodology and tooling.
* Coordinate with engineers, serve as a project lead, and/or recognized as an expert in secure design, development, and delivery.
* Perform technical security assessments including threat modeling, attack surface analysis, security baseline analysis, security requirements/architectural review, code review, and final security reviews and recommendations.
* Identify and communicate project scope and ensure program milestones and objectives are met.
* Keep management informed of key issues and changes which may impact expected business results.
* Ensure that projects adhere to efficient processes and initiate process and tooling improvements as needed.
* Provide recommendations on remediation approaches that strike the right balance across business deliverables.
* Assist with other tasks as needed, including maintenance of internal development tools for Product Security and Product Security Incident Response (PSIRT)

Job Requirements

* Excellent written and verbal communication skills.
* Experienced in most aspects of a Secure Development Lifecycle, including: code review, Software Composition Analysis (SCA), detecting and mitigating common weaknesses (OWASP Top 10), static analysis security testing (SAST), web app scanning (DAST), vulnerability scanning, fuzzing, threat modeling, and architectural review
* Penetration testing experience is a desirable.
* Experience in storage (block/file/object), databases, or other distributed systems is highly desirable.
* Strong understanding of common networking protocols (e.g. TCP/IP, Ethernet, DNS, HTTP, TLS).
* Proven experience in working collaboratively and leading engineering teams in secure software development.
* Strong understanding of third-party and open source software integration and usage methodology.
* Minimum 2 years of software development experience in 1 or more of: C, C++, C# & Java. Must be well-versed in common security patterns and vulnerabilities in these languages.
* Development skills in one or more interpreted languages
* Knowledgeable in common software patterns, data structures & algorithms, and development methodologies. Proven ability to quickly pick-up new languages, frameworks, and codebases.


Typically requires a minimum of 5 years of related experience with a Bachelor's degree; or 3 years and a Master's degree; or a PhD without experience; or equivalent work experience.

* A minimum of 4 years of experience is required. 5 to 7 years of experience is preferred.
* A Bachelor of Science Degree in Engineering or Computer Science, a Master Degree, or a PhD; or equivalent experience is required.
* Demonstrated ability to have led and completed multiple complex projects.
* OSCP is highly desirable

So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!

If you ask a NetApp employee why they work here, the answer is inevitably the same: the people. At NetApp, our culture is at the heart of what we do. We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference. Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world. We take care of each other, our customers, our partners, and our communities simply because it's the right thing to do.

We work hard but also recognize the importance of work-life balance for our employees because what's important to them is important to us! Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations. We provide comprehensive medical, dental, wellness and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts and fitness centers. We also offer financial savings programs to help you plan for your future.

Join us and see what empowerment can do.

Equal Opportunity Employer Minorities/Women/Vets/Disabled

Keywords: NetApp, Durham , Secure Development Engineer, Engineering , Durham, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Engineering Jobs

Diesel Tractor Mechanic
Description: Diesel Tractor Mechanic 2 years mechanical knowledge
Company: The Tractor Place
Location: Cary
Posted on: 04/22/2019

Senior Fullstack / FrontEnd Engineer
Description: SENIOR FULLSTACK ENGINEERSuccessful candidate--must be local. Onsite interviews only. No relocation.Willing to speak up and able to participate in environment
Company: BLDG-25, Inc.
Location: Raleigh
Posted on: 04/22/2019

Senior IT Security Engineer
Description: Job Location: Cary, NCRole Value Proposition:As part of the Global Technology and Operations organization the Senior Security Engineer is responsible for executing the enterprise wide strategy to identify, (more...)
Company: MetLife
Location: Cary
Posted on: 04/22/2019

Description: Posting Details Posting Information Vacancy Type EHRA Non-Faculty Is Internal Transfer Only No Working Title Engineer Salary Range Anticipated Hiring Range 70,000 - 90,000 Position Number 00107368 Work (more...)
Company: NC State University
Location: Raleigh
Posted on: 04/21/2019

CAD Design Engineer (SolidWorks)
Description: Looking for an energetic and motivated Designer to join the Greensboro, NC team as a Technical Engineer. They will be responsible for engineering models, prints,
Company: Integrity Consulting
Location: Greensboro
Posted on: 04/22/2019

Service Technician - Experience Required
Description: We are seeking an experienced and certified Service Technician / Journeyman to join our Service team. Why Rice Toyota Rice Toyota in beautiful Greensboro, NC is the 1st Toyota Dealership ever established (more...)
Company: Rice Toyota
Location: Greensboro
Posted on: 04/22/2019

Senior Manufacturing Engineer - Test Equipment
Description: Date Posted:2019-03-06-08:00Country:United States of AmericaLocation:HSK02: Kidde Aerospace 4200 Airport Drive,NW, Wilson, NC, 27896 USACollins Aerospace is a leader in technologically advanced and intelligent (more...)
Company: Collins Aerospace
Location: Wilson
Posted on: 04/22/2019

Sheet Metal Mechanic
Description: Plans, lays out, fabricates, assembles, installs, and repairs sheet metal/piping/plumbing parts, equipment, and products by performing the following duties. Essential
Company: SPC Mechanical
Location: Raleigh
Posted on: 04/21/2019

Technical Marketing Engineer, ONTAP AI & Analytics
Description: br br Job Summary br br Technical Marketing Engineer, ONTAP AI Analytics br br Responsible for codifying the technical value proposition of our products solutions for Artificial Intelligence (more...)
Company: NetApp
Location: Durham
Posted on: 04/22/2019

Part Time Lime Mechanic Needed - $13/hour
Description: Lime is a smart-mobility provider that offers cities an array of mobility products including Lime-E e-assist bicycles and Lime-S electric scooters. Lime aims to revolutionize mobility in cities and campuses (more...)
Company: Lime
Location: Raleigh
Posted on: 04/21/2019

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Durham RSS job feeds