Job Description :
Position title: Software Security Engineer

Essential functions:
Function as cyber security consultant and automation engineer in daily Sprint stand up, and provide ownership for all aspects of security lifecycle in product release
Provide cyber security technical thought leadership, and inject secure coding standards and best practices into daily scrums
Provide mentoring, and skill set knowledge transfer to scrum team members
Review and modify agile user stories and epics to ensure correct authentication, authorization, and logging
Partner with other IT & business teams to develop secure technical solutions
Support MVP’s through “hands on” technical security knowledge, integration, and development/coding
Work with a team of architects and developers, operational leads and functional owners to plan and implement security technical features
Ability to work in a fast paced, dynamic environment, with shifting priorities; must be comfortable with change and actively driving improvements
Understand how new technologies impact the current environment
Champion the adoption of new technologies and drive the implementation into the GE environment"
Basic qualifications:
Bachelor''s Degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering (OR High School Diploma / GED with a minimum of 2 years of IS, IT, or Computer Science) or equivalent experience
Minimum of 1+ years of experience writing object-oriented software, or designing and executing manual and automated software tests
Strong Facilitation skills, leading in-person and remote teams in co-creation sessions, creating wireframes, workflows and prototypes.
Working knowledge in configuration management tools such as CVS/SVN/ClearCase/Git/Perforce
Lean/Six Sigma Certification.
1+ years of JavaScript experience
Experience with NodeJS
Experience with Postgres
Experience with Lua
Experience with GOLang
Understanding of GitHub and Git pull requests
Understanding of Delay Tolerant Networking (DTN)
Must be legally authorized to work in the United States full-time
Must be willing to work in our XXXXX facility full-time
Must submit application for employment through (or COS if internal) to be considered
Must be 18 years of age or older
Must be willing to take a drug test as part of the selection process
Must be willing to submit to a background investigation, including for example, verification of your past employment, criminal history, and educational background"
Desired qualifications:
Proficiency in at least one programming language (Java, GOLANG, Node.JS, Javascript, Python, or C/C++)
Provides design, installation/development, & configuration of Cyber Security solutions
Ability to simplify and communicate technical concepts & architecture to non-technical team members
Experience with application logging integration, and products (Log4J, Logstash, Splunk)
Knowledge of Federated security architecture, flows, and standards (SAML, OpenID_Connect, and JSON_Web-Token? (JWT
Integration level knowledge of API Security Architecture, and technologies (OAuth2, Spring Security, HMAC, WS-Security, WS-Trust, or XACML)
Hands on experience developing secure RESTful API’s
Working knowledge of Cloud Provider security architecture design patterns (AWS, CloudFoundry, Azure
Proficiency in development frameworks (Spring Security, Spring Boot, or AngularJS)
Working knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc
Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures?, & Key Management
Expert knowledge of HTTP(s) protocol
Knowledge of Risk Controls framework, and Audit procedures (27000/1/2, NIST 800-53/171, DFARS)
Position requires an individual that is highly organized and self-motivated
Proven ability and desire to learn and adapt to new products quickly and comprehensively.