Software Security Engineer / Security Architect

We are looking for a skilled Software Security Engineer to become part of our growing team. You will analyze the SIGNiX digital signature and remote online notarization platform code and implementation from a security perspective, and then implement preventative and counter-measures at each phase of the software development lifecycle. You will also assist in identifying and troubleshooting security-related bugs as soon as they arise.

Responsibilities

• Implement, test and facilitate advanced software security techniques in compliance with key industry best practices (ie. OWASP, SANS)
• Manage existing Veracode implementation to perform on-going security testing and static/dynamic code review to improve software security
• Troubleshoot and debug issues that arise
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities
• Maintain technical documentation
• Work with team members to ensure secure coding practices through collaboration and education/training
• Perform security event triage and initial incident response to detected threats
• Develop, execute and track the performance of security measures to protect client information.
• Assist in design of software security strategy and engineer comprehensive cybersecurity architecture, including implementation of, and help in updating and enforcing, company’s information security policy
• Identify, define and document system security requirements and recommend solutions to management.
• Monitor systems for irregular behavior and set up preventive measures.

Requirements and Skills

• 3-5 years experience in the cybersecurity industry
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation (OWASP, SANS, threat modeling, etc)
• Software development experience in Java, Wildfly, JWT as well as experience using tools such as Bitbucket (Git), Jenkins, Jira and Confluence
• Experience with web related technologies (Web applications, Web Services and Service Oriented Architectures), AWS and network/web/authentication related protocols (SAML, JWT, OAuth 2.0)
• Background using code scanning tools
• A deep interest in following the latest industry updates in software security along with tactics for implementing them
• Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan
• Excellent organizational and communication skills
• Ability to work efficiently and self-motivate with little to no supervision
• BS degree in Computer Science or related field.

Extra Points If You…

• Demonstrate strong interpersonal skills and ability to mentor/train staff and bring awareness to current and emerging threats
• Have direct experience using Veracode’s code scanning platform
• Show hands-on knowledge of AWS and cloud-related security architecture (including log management, SIEM, IDS, WAF and APM tools)
• Possess regulatory experience (GDPR, ISO27K, SSAE16, HIPAA, PCI, FISMA, etc.)
• Have one or more security certifications
• Have knowledge of Monty Python, Firefly/Serenity, Star Wars, etc. Other fandoms also accepted.

Job Details

• Location: Remote or Onsite in Chattanooga, TN. No relocation offered.
• Benefits