XChange Software Inc.
Iselin, NJ
Post Resume to
View Contact Details &
Apply for Job
Job Description :
Position: Senior Security Engineer
Location: Malvern PA
Duration: 6 Month
 
Job Description:
Summary:

  • As a Senior Security Engineer in Marketing Technology (MarTech), you will pioneer industry-leading technologies and toolsets to enable our developers to innovate in record time. Ideally, you will have broad expertise in security standards, practices, tools, and technologies applicable to online financial services with extensive integrations with third-party systems. About The Team: Our industry, now more than ever, is built upon the principles of rapid innovation, agile development and testing, continuous deployment, and ultimately faster time to market for applications. The DevSecOps team is a core driver of these principles.
Description:
  • The team is searching for a senior engineer with proven experience in owning projects, identifying and leading implementation of new technology, developing standards, and mentoring team members. DevSecOps is central to the entire department's operations, and as such, the successful candidate will have input to technology and implementation decisions across the organization.
In this role, you will:
 
  • Design, deploy, manage, and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management, and application security.
  • Ensure technology implementation and product development methodology aligns with information security policies and improves security posture.
  • Responsible for threat management, security monitoring, trend correlation, and incident management, including security violations and exceptions.
  • Provide recommendations on security requirements to be included in product design and security testing.
  • Provide recommendations to the Risk Management Framework process activities and related documentation
  • Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
  • Assess risk arising from third parties, vendors, and partners in our ecosystem and design controls to mitigate such risks
  • Part of the security incident response team.
Qualifications:
For this role, you will need:
  • 8+ years of hands-on security experience
  • Must have hands-on expertise operating in an AWS environment with mastery of architecture and security capabilities in the cloud
  • Mastery of multiple security domains such as intrusion detection, incident response, malware analysis, and forensics
  • Deep understanding of Linux operating systems
  • In-depth knowledge of CVSSv3, CWE, OWASP Top 10, and CWE/SANS TOP 25 Most Dangerous Software Errors
  • Outstanding written and oral communications skills with the ability to develop internal processes and articulate assessment results with internal partners
  • Continuously seek to develop new skills and technical expertise, as well as proactively share knowledge with others · Experience with various public cloud services Using AWS / Azure / GCP is strongly preferred
  • Bachelor's degree in a relevant technical field/equivalent knowledge and experience
What sets you apart:
  1. Experience in security incident response preferred
  2. Experience in software development (C/C++, Java, or Python) preferred
  3. Certification in one or more of the following: CISSP, CASP, Security+, CISA, GSEC, CAP, SCNA, SCNP, SSCP, GSLC, GSE, CCNA
  4. AWS and or Azure Professional level certification (Solutions Architect, DevOps Administrator, or Developer)
             

Similar Jobs you may be interested in ..