Sr. Software Security Engineer

Access Talent Today, LLC - San Francisco, CA

Job Description:

In this role, you will lead our software security program that facilitates security being baked into all of the products and infrastructure built. The responsibilities are a blend of security engineering, software engineering and project management. If you’re a security engineer looking to get into a leadership position, this is a great opportunity for you to have impact across an entire engineering organization and build a world-class software security program.

  • Lead the software security program in Engineering- ensure that security is baked in to everything we build at every step of the software development lifecycle
  • Grow a culture of security in Engineering - we do fun things like security happy hours, pizza and t-shirts
  • Maintain our software security awareness program and ensure 100% of engineers stay informed annually of top security risks and best practices
  • Create security policy, standards, procedures and guidelines for engineering
  • Perform security reviews of PRDs and technical design documents
  • Measure and grow security maturity across engineering
  • Triage security issues and provide recommended fixes
  • Facilitate independent security assessments and penetration tests
  • Evaluate new tools, processes, and frameworks; Drive adoption of the best ones
  • Review and respond to new security threats

 

Qualifications:

  • Software engineering background (must be familiar with Python and JavaScript). You may not be coding every day, but you will need to be comfortable reviewing and discussing code with software engineers
  • Familiarity with cloud security, particularly AWS Security concepts
  • Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response
  • Able to influence without authority and have excellent teamwork skills
  • Exceptionally clear communication skills- you'll need to communicate effectively and build relationships with all levels and roles

 

Desired Experience:

  • Implementing software security programs like the Security Development Lifecycle
  • Discussing security with customers
  • Implementing controls for information security compliance programs including PCI, ISO 27001 and SOC 2
  • Experience working in fast growth startup environment


Posted On: Friday, August 3, 2018



Apply to this job
  • Additional Information