The Product Security Architecture team is dedicated to making our products and technologies as secure as possible from design through development. We report into the CISO while working closely with development/engineering and other teams across the organization. Our colleagues depend on us to be application, network and host security pros. We specialize in defining security requirements, performing security assessments of our internal applications, and providing developers with remediation advice. On any given day we're pulled in to evaluate a new system, a proposed network change, or provide guidance on security/coding best practices.
What's The Role?
As a Security Automation Engineer, you will create tools and automate testing to enable us to scale and work more effectively, integrate security into the development lifecycle, and provide visibility into our security posture.
We'll Trust You To:
Develop and customize security testing tools to be used by the team and by developers
Work with development teams to find ways to integrate security testing into the SDLC
Perform code reviews of applications, manually and using static analysis tools
Provide remediation guidance and recommendations to programmers and administrators
You'll Need To Have:
Experience using and customizing security static analysis tools such as Fortify, AppScan, Coverity, or Checkmarx
Experience in software security testing, methodologies and frameworks
Familiarity with common vulnerabilities and attack vectors
The ability to communicate complicated technical issues and the risks they pose to programmers, network engineers, system administrators and management
We'd Love To See:
Experience providing security training to developers
Experience as a consultant at a highly technical information security consultancy
Experience working as a technical security architect or related security role in a company where there is a commitment to information security and technology
Experience with common build systems such as CMake and Make
Experience with continuous integration and test environments such as Jenkins and SonarQube
If This Sounds Like You:
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:
Bloomberg is an equal opportunities employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. - provided by Dice
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.