The Software Security Engineer is passionate about the Spectrio products and mission while focused on managing the security of our platforms and products.
- Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities
- Works with software development teams/external consultants in the design and development of product security features including systems, applications and/or solutions
- Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle
- Provides product security engineering recommendations and resolves integration and testing issues
- Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Reviews and defines security diagnostics and tools to facilitate the analysis and reporting of security events
- Detects and mitigates security risks, responds to product security incidents, and works with customers regarding product security related issues
- Keeps abreast of new technologies and methods for the purpose of recommending changes that will benefit current and future customer programs
- All other duties as assigned
- Extremely proficient working knowledge of AWS security considerations and tools (3+ years of experience)
- Experience with Threat Assessments and Common Vulnerabilities and Exposures (CVE)
- Working knowledge of a Software Development Life Cycle (SDLC)
- Comfortable in working with cross-functional teams to drive efficient resolution.
- Ability to work independently and be proactive in task completions.
- Highly professional with the ability to deliver solid work on tight schedules.
- Excellent communication skills, both oral and written.
- Excellent organizational skills.
- Analytical and detail-oriented with decisive judgement skills
- Bachelor’s Degree in Computer Science or closely related field preferred
- Cloud hosting services, specifically Amazon AWS
- Mobile development (Android, iPhone)
- Container services, e.g. Docker
- Continuous Integration and deployment, e.g. Jenkins, Travis, Circle CI
- Infrastructure automation with Terraform
- Linux experience a plus