Do you like solving the hard problems? Have a real passion for technology? Really, really want to help stop the attackers who steal credentials for "fun" or profit?
Can you discern the difference between the newest tech fad and the breakthroughs that truly make a difference? Do you automate tedious tasks to maximize your efficiency?
Do you want to work for an organization that knows to give engineers bigger desks and better computers than their managers?
As a Software Security Engineer you will work as part of the product team to ensure secure software delivery. The ideal candidate has experience performing static and dynamic code analysis, building solution risk models, and operating as a leader in the development lifecycle.
This position will report to the VP, Information and Product Security. We’re looking for someone who can perform well in a rapidly expanding organization.
SecureAuth has a positive, diverse, and supportive culture we look for people who are curious, inventive, and interested in making a change in the industry.
If you are looking for your chance to disrupt and influence in the Identity and Security space, this is the right opportunity for you.
Day-to-day, you will :
Implement, test and operate advanced software security techniques in compliance with technical reference architecture
Perform on-going security testing (manual, automated tools and coordination with third parties) and code review (manual and automated static source code analysis) to improve software security
Validate, troubleshoot and debug issues that arise from internal and external testing and reported by customers or security researchers
Provide engineering designs for new software solutions to help mitigate security vulnerabilities
Contribute to all levels of the architecture
Perform Threat Modeling for new and existing products, applications and environments
Maintain technical documentation
Consult team members on secure coding practices
Develop a familiarity with new tools and best practices
Ideally, you have :
3+ years of proven work experience as a software security engineer or related discipline
Experience with Checkmarx or similar static code analysis applications
Knowledge and proven experience with manual and automated penetration techniques and testing software and the ability
Ability to write clear, concise and detailed test or vulnerability reports for use by developers, management and external entities such as customers
Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
Software development experience in more than one of the following core languages : C#, VB / .NET, Java, Python, and Go
Adequate knowledge of web related technologies (Web applications, Web Services, Containers, SaaS)
Interest in all aspects of security research and development
BS degree in Computer Science or other applicable technology field or equivalent experience