Principal Software Engineer, Data & Application Security
We are looking for an experienced and passionate Principal Software Engineer who designs, implements and continuously improves data & application security concepts and processes.
This is a new role on a highly skilled and diverse delivery team of Product Owners, Business Analysts, Senior Software Engineers and Tech leads with a passion to imagine, test, build, and deploy valuable products for the company's prospects, enthusiasts, and customers. You will work in a cross-functional role and become integral part of the delivery teams which create and develop cross-functional, multi-platform and multi-technology applications to shape the digital future of the company.
If you are excited about driving innovation, solving problems and delivering software solutions that carry real business value, apply now. The position is based in Atlanta, GA at the company's North American headquarters. We are working in a hybrid work environment with onsite and remote work days.
The role includes, but is not limited to:
- Design, Implementation and continuous improvement of data and application security concepts and processes
- Actively contributing to the design and development of secure products and cloud infrastructure by guiding our software engineers and product owners
- Develop and report security risk and compliance metrics
- Developing & implementing methods to detect threats and counter attacks
- Continuously improving our software development security practices by identifying possible attack vectors and security risks early on in the development lifecycle
- Implement security gates on CI/CD pipelines
- Pushing and striving for secure products without compromising quality and functionality
- Conducting, planning, and supervising the execution of penetration tests of our products
- Ensuring high-availability and disaster-recovery capabilities of our products
- Mentoring software engineers on security-relevant topics in their code
- Build and foster relationships with other office locations in North America and globally.
- Alignment with company headquarters on security policies and procedures
- Assist in developing information security policies, standards, procedures, and guidelines
- Support ongoing compliance activities and monitoring efforts across applicable Regulations and Standards (i.e. FISMA, HITRUST, etc.).
- Define information security controls that support risk assessments and support the development of secure architectures.
- Solid knowledge of software security standards, threat assessment and secure programming methodologies
- Hands-on knowledge of AWS cloud infrastructure and services.
- Solid knowledge of modern cloud architectures and their deployments (preferably AWS & CloudFoundry)
- Experience in implementing payment processing including the relevant security standards (PSD2, PCI DSS)
- Knowledge in authentication methods (JWT, OAuth 2.0, API Gateways)
- Experience in threat monitoring and anomaly detection
- Expert knowledge of data privacy regulations and data protection methods in the US (organizational and technical)
- Experience working with Agile, Lean and/or Continuous Delivery approaches and best practices, such as Continuous Integration, Infrastructure as Code, and e2e Test Automations.
- Team player with excellent communication skills.?
- Preferably knowledge on high-availability systems and disaster recovery
- Ideally experience in the conception and rollout of an ISMS
- Ready to collaborate as part of a diverse team to tackle even the most difficult challenges
Must have a Bachelor’s degree in software engineering, technology or similar, Master’s preferred
- 5+ years engineering experience in a production environment
- 3+ years’ experience with cloud technologies
- 3+ years’ experience with modern web-based technologies
- 3+ year’s experience in cloud security and IAM configuration (preferably on AWS)
- Relevant certifications (CISSP, GIAC, SSCP, CISM, CRISC, etc.)
- Proficiency in Software Development Best Practices (SCM / Unit Tests)
- Experience with working in a global team-set up and multi team collaboration environment
- Proficiency in test automation and accessibility requirements
A Human Approach to Staffing
Our Company is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment which is free of harassment, discrimination, or retaliation because of sex, gender, race, religion, color, national origin, physical or mental disability, genetic information, marital status, age, sexual orientation, gender identity, military service, veteran status, or any other status protected by federal, state, or local laws. The Company is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment.