Software Security Engineer, TNG @ HRS Hospitality & Retail Systems
Job description
Software Security Engineer
Our team is looking for Software Security Engineer to join our team building next-generation microservice-based enterprise applications. As a Development Security Engineer, you will be part of an agile team with Backend and Front End developers, Product Owners, and QA engineers. You will analyze our software designs and implementations from a security perspective٫ in order to identify and resolve security issues. Your duties will include the appropriate security analysis٫ defences and countermeasures at each phase of the software development lifecycle٫ to result in robust and reliable software.
You should have a solid technical background and great abilities of security threats prevention. We also expect you to have an analytical mindset and to be an efficient team player.
Job responsibilities:
- Plan٫ test and implement advanced software security techniques in compliance with technical reference architecture
- Organize on-going security testing and code review to improve software security
- Detect٫ troubleshoot and debug issues that arise
- Prepare engineering designs for new software solutions to help mitigate security vulnerabilities
- Participate in the team’s work at all levels of the architecture
- Prepare and maintain technical documentation
- Provide help and consulting to team members on secure coding practices
- Stay informed about new tools and best practices of the industry
- Tasks include reviewing the application design and code (UI, Middleware, Database, cloud, thin and thick client applications) to identify the potential security vulnerabilities, and propose the solutions to strengthen/resolve the same
- Usually works with little supervision, conferring with superiors on unusual or extremely complex matters. Assignments are broad in nature, usually requiring originality and ingenuity
- May provide guidance, assistance, and technical leadership to lower level QA engineers on application security related matters
- Interacts internally/externally on as needed basis to exchange information
- Requires excellent written and oral communication skills as well as relationship building competencies
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- Mentor QA from various scrum teams to perform a better security testing in development cycles.
- Managing Certifications Prov
- en track record of Information Security Governance Requ
irements: Mini
- mum 3 years’ experience including experience as security SPOC. Prov
- en work experience as a QA security engineer or information security engineer. Deta
- iled technical knowledge of web, cloud and in premise application, database and operating system security Hand
- s on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. Thor
- ough understanding of the latest security principles, techniques, and protocols Expe
- rience with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols. Expe
- rience in testing software products developed using Microsoft Technologies, JAVA, PL/SQL, Web Services. Prob
- lem solving skills and ability to work under pressure Expe
- rience in Defining and Enforcing Secure testing best practices Expe
- rience in using and developing scripts and/or tools that identify and resolve the vulnerabilities in the application architecture and code Prov
- en track record of working with development teams to build secure solutions Expe
- rience in security standards and protocols of Middle ware, web services, service bus etc. Must
- has performed Security POC role for an enterprise grade product or product suite We w