The Software Security Engineer is passionate about the Spectrio products and mission while focused on managing the security of our platforms and products.
Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities
Works with software development teams/external consultants in the design and development of product security features including systems, applications and/or solutions
Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle
Provides product security engineering recommendations and resolves integration and testing issues
Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Reviews and defines security diagnostics and tools to facilitate the analysis and reporting of security events
Detects and mitigates security risks, responds to product security incidents, and works with customers regarding product security related issues
Keeps abreast of new technologies and methods for the purpose of recommending changes that will benefit current and future customer programs
All other duties as assigned
Extremely proficient working knowledge of AWS security considerations and tools (3+ years of experience)
Experience with Threat Assessments and Common Vulnerabilities and Exposures (CVE)
Working knowledge of a Software Development Life Cycle (SDLC)
Comfortable in working with cross-functional teams to drive efficient resolution.
Ability to work independently and be proactive in task completions.
Highly professional with the ability to deliver solid work on tight schedules.
Excellent communication skills, both oral and written.
Excellent organizational skills.
Analytical and detail-oriented with decisive judgement skills
Bachelor’s Degree in Computer Science or closely related field preferred
Cloud hosting services, specifically Amazon AWS
Mobile development (Android, iPhone)
Container services, e.g. Docker
Continuous Integration and deployment, e.g. Jenkins, Travis, Circle CI