We are looking for a Software Security Engineer to assist technical leads and developers with design-time cybersecurity efforts including threat modeling and attack surface analysis, security requirements/architectural review and final security reviews and recommendations. Additionally you will:
- Recommend mitigations or fixes for security bugs.
- Recommend changes to feature design as needed to mitigate security vulnerabilities.
- Provide security best practice guidance for common technologies.
- Review source code for security vulnerabilities.
To be successful as a Security Engineer you will need:
- Bachelor’s degree or higher in Computer Science
- Experience creating threat models and data flow diagrams to identity vulnerabilities and translate them into actionable plans for mitigation.
- Strong knowledge of common web application security vulnerabilities, like injection attacks, XSS, CSRF, Spoofing, Repudiation and OWASP Top 10
- Experience with Identity Access Management solutions and protocols like, OpenID Connect, OAuth2, SAML, ADFS, etc.