Software Security Engineer
This company located in Portland, Oregon which is a leading supplier of small, rugged, and modular networking solutions primarily to the DoD is seeking a Software Security Engineer for a full-time, direct opportunity. The company's 400 series product line has become a 'de-facto' standard for deployed IP communications in the US Army and USMC. A series of wins over the last 3 years has resulted in significant growth in this business.
The selected candidate will be responsible to analyze software designs and implementations from a security perspective, and to identify and resolve security issues. You will include the appropriate security analysis, defenses and countermeasures at each phase of the software development lifecycle, to result in robust, reliable and secure software. In general, you will: perform application security assessments, including architecture review, threat modeling, code review and penetration testing, and assist and enable our software engineering teams to adopt and apply secure software development practices. Implement, test, and operate advanced software security techniques in compliance with technical reference architecture.
Perform on-going security testing and code review to improve software security. Provide software development support in addressing identified security issues. Provide engineering designs for new and existing software solutions to help mitigate security vulnerabilities. Contribute to all levels of the architecture with respect to software security. Maintain and review technical documentation relating to software security. Consult team members on secure coding practices. Develop a familiarity with emerging software security tools and best practices. Perform application security assessments including architecture review, threat modeling, code review and penetration testing. Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
Develop and direct Joint Interoperability Test Command (JITC) compliance verification procedures. Develop and automate security tools. Maintain familiarity with industry standard software security certifications. Work with engineering and product teams to drive security issues to resolution. Other duties as assigned.
The ideal candidate should possess a BS degree in Computer Science or related field, or equivalent related industry experience. Should possess a minimum 8 years of software development experience in a professional environment.
Minimum 5 years of proven work experience as a software security engineer. Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation. Software development experience in C# and .Net. Adequate knowledge of network/web related protocols.
Experience with security tools and technologies used throughout Secure Software Development Life Cycles. Experience in providing Security Code reviews in languages such as C# and F#. Experience in penetration testing and fuzz testing technologies and techniques. Familiarity with addressing and remediating OWASP Top 10 security issues. Interest in all aspects of security research and development
Volt is an Equal Opportunity Employer