Position Title: Software Engineer
Position Number: 375277
Location: San Jose, CA 95108
Position Type: Temporary
Required Skill Set:
GitHub, Java, Security
**Only U.S. Citizens and those authorized to work in the U.S. can be considered as W2 candidates.**
Job Title: Software Engineer
Work Location: San Jose, CA
Day to Day Responsibilities of this Position and Description of Project:
We are looking for a highly motivated software engineer to join Client Global Information Security team to tackle the problems of tomorrow while continuing to build and secure the foundation of today.
Identify and prevent security issues in source-code through security reviews, automated and manual code assessments.
Work with Compliance and other stakeholders to address risk considerations in the context of securing source-code across Git version control systems.
Develop and manage systems and tools to protect from security risks emanating from unused or inactive code/build artifacts
Develop and maintain security utilities and metrics dashboards that help team to track/report on compliance and potential improvements
Review security findings/violations reports and coordinate remediation efforts
Build automated test suites for common application (OWASP10) vulnerabilities
Evaluate software security products and technologies, as required
Ability to multi-task and thrive on a small team in a fast-paced environment
You would help define overall application security strategies, procedures and operational processes to ensure predictable software development outcomes; refine Information Security processes and procedures.
5+ years software engineering experience including application security experience
Advanced experience reading and writing source code in a variety of languages including Node.js, Java etc.
Should be able to deep dive into existing code to identify security risks and provide guidance on remediation
Proficiency in Github and Git version control systems
Good understanding of build and repository management tools like Maven, Nexus and JFrog Artifactory etc. and CI/CD pipelines
Knowledge of application vulnerabilities (OWASP top 10 etc.) as it relates to secure product development
Experience in container, container orchestration technologies like Docker, Kubernetes etc. is a plus
Ability to build automation tools for security processes for web applications
Ability to clearly articulate issues and communicate in an effective and personable manner