Software Security Engineer Job Description
Software Security Engineer Duties & Responsibilities
To write an effective software security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included software security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Software Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Software Security Engineer
List any licenses or certifications required by the position: CISSP, OSCE, OSCP, CISM, CSSLP, TLS, SANS, X509, X.509, AWS
Education for Software Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the software security engineer job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Engineering, Computer Engineering, Technical, Information Systems, Software Engineering, Education, Science, Mathematics, Software Development.
Skills for Software Security Engineer
Desired skills for software security engineer include:
Desired experience for software security engineer includes:
Software Security Engineer Examples
Software Security Engineer Job Description
- Design software that scales over millions of users and data
- Evangelize secure coding practices across all engineering teams
- Design and development of security features/functions delivered via platform components and/or services that are highly secure, scalable, available and reliable
- Work with operations, support and sales to ensure customers are successful with developing and deploying their mission-critical applications using the technologies you develop
- Mentor other engineers in software development, security technologies, and secure development processes
- Help maintain an inventory of containers and container content
- Contribute to Product Security specific tools for container manifesting and scanning
- Analyze flaws for applicability to containers
- Perform various security forensic tasks, such as running container scans
- Help plan responses to vulnerabilities
- 4+ years of experience in Software Development with a focus on Software Security Engineering with experience in various test methodologies
- 3+ years of coding experience in either Python, Ruby, or Java
- 2+ years of experience with any database like Oracle, Postgres, SQLServer, or MySQL
- Defines and documents a detailed design to meet technical requirements
- Understanding and experience in Networking (L2/L3), Ethernet, IP
- A real self-starter, self-motivated, aggressive yet always professional
- Proven track record of writing effective back end test automation using frameworks such as JUnit and writing UI test automation using frameworks such as Selenium
- Operational testing, meet SLA
Software Security Engineer Job Description
- Develop, document and implement test cases for web applications, web service applications and service oriented architectures
- Web, mobile and IoT penetration testing
- Network/Wi-Fi/Bluetooth penetration testing to include vulnerability exploitation and pivoting to gain remote system access
- Engage other departments by demonstrating results
- Work with development teams to ensure they are provided assessment results in a format which best suits their needs
- Interface with development teams to ensure the remediation of identified vulnerabilities is handled in a timely manner
- Work with leadership and core teams to help identify and assist in balancing scope, time and costs
- Secure Development Lifecycle advisory
- Respond to security vulnerabilities, serve as an advocate for security within development teams
- Pair with mobile, frontend, and backend teams to architect and develop features in a secure and scalable manner
- Experience with OWASP Top 10, CWE / SANS Top 25, or similar secure coding methodologies
- Working knowledge of LDAP, PKI, SAML, SSO, OATH, and session management
- Able to learn quickly in a dynamic environment
- Linux proficiency for debugging and developing applications
- Comfortable working in Windows and UNIX environments
- Solid understanding of enterprise security fundamentals
Software Security Engineer Job Description
- Establish mobile policies and procedures and advise Product Owners as to the most optimum deployment of integrated mobile security solutions
- Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines
- Implements and improves software tools to gather system configuration information and proactively identify vulnerabilities
- Maintains awareness regarding OWASP and application security trends
- Designs, develops, implements, and tests software used to control instrumentation, perform data analysis and report generation
- Provides embedded system development support, using Linux, an RTOS (Real Time Operating System), or bare-metal, for a new target platform
- Partner with Information Security to conduct application security reviews to assess technical and business risk, identify threats and potential security issues in applications, specify solutions, and verify through testing
- Assist in the creation of software specifications for secure development and consistently research within the security area for threats, common vulnerabilities based on the OWASP Top 10, and new attack models
- Perform secure code audits
- Develop presentations and diagrams to communicate secure development practices, security state, and design requirements
- Exposure to multi-threaded programming environments using UNIX/Linux/FreeBSD operating systems
- Knowledge of Perl or equivalent scripting language
- Prior exposure to networking and security concepts is desirable
- Security relevant certification(s) (OSCP, GWAPT, CEH, CISM, CISSP) would be advantageous
- Codifiable - you look at manual steps and processes as opportunities to leverage your coding skills
- Strong background with SoC security (ARM TrustZone, proprietary solutions)
Software Security Engineer Job Description
- You will support the components and sub-systems security experts in the implementation of the requirements defined at system level
- You will look after the ongoing analysis of threats and vulnerabilities in the software used and will assist with the development of advanced protection concepts
- You will assist with the development of software (system and components) taking account of security specifications (Secure Coding Guidelines, general security design, secure architecture, analysis of security scans carried out), coordinating mandatory requirements, carrying out analyses in relation to security tools, and making recommendations
- You will continuously increase your expertise in IT security and will participate in relevant training activities
- You will work closely with colleagues from product development in the planning and completion of risk analyses (TRA) and in the implementation of proposed controls to assure IT security
- You will also provide support and advice for software development in compliant use of open source software according to the terms of the license
- You will provide expertise in general IT and networking, such as Virtual Machines and interfacing with other products
- As a member of the Systems Engineering team there will also be job duties outside of the security area, including specifying requirements for other SENSIS features
- Perform vulnerability scanning, network and perimeter monitoring
- Understands product features, and how their implementation affects product security
- Strong understanding of Agile Development, QA and Continuous Integration methods
- Bachelor of Science degree in Electrical Engineering, Computer Engineering, Computer Science or other equivalent ABET accredited Engineering program
- Digital/Analog/RF design skills
- Hands on electrical testing and troubleshooting
- You have 2+ years of industry experience in Infrastructure, Security, or Product engineering
- Knowledge of at least one computer architecture, including x86, ARM, MIPS, PowerPC, or x86_64
Software Security Engineer Job Description
- Protocol analysis for compliance validation
- Familiarity with standards and regulations such as OWASP, PCI, FIPS 140-2, SOC 2, ISO 27001 would be an asset
- Design, experiment with, and implement new checkers
- Make improvements to general analysis infrastructure
- Leveraging foundational IT/CS knowledge to identify/respond to common attacks through common vectors and methods, with support from senior team members
- Creating automation infrastructure and components
- Achieve a deep knowledge of our product architecture, usage patterns, and real world deployment scenarios in order to better understand what solutions will bring value to our customers
- Collaborate with members of our team to design and create full stack solutions including back end and front end code
- Keep product quality top of mind by creating automated tests for the software that you help create
- Work directly with engineers and product managers to refine and break down product requirements
- Knowledge of secure coding practices including common security exploits
- C programming experience (professional or academic)
- Scripting language experience (Python is preferred)
- Experience with test automation and performance evaluation is a plus (Jenkins and Travis)
- Knowledge of any Linux operating system distribution
- System administration skills and experience are an advantage