Sign in

Application Developer Lead CyberSecurity

Company:
Software
Location:
Seattle, Washington, United States
Posted:
January 08, 2019

Description:

Title : Application Developer Lead CyberSecurity

Location : Seattle, WA

Duration : 6-12 Months Contract

Job Summary & Mission:

This job contributes to the organizations success by providing technical leadership in applications security development for complex projects both on premise and in the cloud. Makes security recommendations and decisions on complex or ambiguous application implementation issues. Highly knowledgeable in more than one business area. Provides supervision and guidance in security requirements gathering activities, ensuring that platform security standards and best practices are successfully implemented across our application stack Codes, tests, debugs, documents and implements highly automated security services in complex software applications and environments. Provides technical direction, training and guidance for less experienced engineers.

Summary of Key Responsibilities:

• Collaborates with business partners, other Information Technology (IT) teams and fellow application developers to arrive at recommendations for technical security decisions. This includes package selection, and systems design and modifications. Initiates process improvements for new and existing systems.

• Designs, develops, implements, documents, and tests changes to security services. Codes, tests, debugs, documents, and implements high quality security controls and services to enable business capabilities and expectations. Initiates security design reviews for new and existing applications and adheres to Organization’s

• global security standards.

• Leads, coaches, and mentors other team members. Performs cross-training and facilitates information sharing among team members. Assist with management of team tasks, projects, and performance reviews.

• Provides supervision and guidance in requirements gathering and functional specification activities. Translates security requirements and functional capabilities into technical designs. Assists with development of functional capabilities and resolves complex design issues.

• Recommends and establishes new software development, testing and documentation standards. Monitors and ensures compliance of standards.

• Resolves or assists with escalated security service issues as needed. Leads and coordinates activities to develop and execute plans to mitigate occurrence and reoccurrence of production issues. Oversees and contributes to the documentation of production support processes. Anticipates long term support issues and plans for corrective actions. Supervises and collaborates with support teams to ensure complex issues are resolved in a timely manner. Performs root cause analysis to identify permanent resolutions to software or business process issues.

Basic Qualifications:

• 8 years Analyzing, diagnosing and proposing security solutions and services to application delivery team

• 8 years Application development and programming experience

• 8 years Providing support to various business applications

• 8 years Providing technical oversight and guidance on technical projects on a variety of application platforms

• 6 years Mentoring, coaching and leading other technical team members

• 6 years Working with process owners and identifying information technology security solutions that enable business process improvements

Required Knowledge, Skills and Abilities:

• Application security threat modeling

• Strong analytical and problem-solving skills

• Proficiency in programming languages

• Ability to quickly learn new application systems and technologies

• Knowledge of basic project management framework and methodology

• Ability to accurately break down complex security designs patterns into component deliverables and estimate design and development timelines

Technical Proficiency:

• Knowledge of networking protocols, firewall, REST services, data store (file, db, no-sql, queue), web servers (Apache Tomcat, NGINX, IIS)

• Experience with cloud provider and cloud concepts (e.g. Azure, AWS, GCP)

• Understanding of implications from design and implementation choices toward building secure, scalable, durable, flexible, accessible solutions.

• Linux (Ubuntu, CoreOS, RedHat) and/or Microsoft Windows Server and associated technologies (Active Directory, Exchange etc.)

• One or more scripting language (e.g. Bash, PowerShell, Ruby, Python)

• One or more version control platform (e.g. Git, Perforce, SVN, TFVC)

• Experience working in a DevSecOps or DevOps culture; one or more DevOps, Orchestration/Configuration Management and Continuous Integration technology (e.g. Chef, Puppet, Docker/Kubernetes, Jenkins, Ansible, Terraform, ELK stack, Splunk etc.)

• Expert in analyzing and troubleshooting applications.

• Extensive understanding in SDLC and scrum methodologies.

• Bachelors in Computer Science or equivalent work experience

• Ability to write and value high quality, reusable software with minimal defects

• Aptitude to prototype new, innovative technologies to assess relevance, fit, uses and value.

• Effective in learning and incorporating new technologies, concepts and development languages.

• Thorough understanding of application architecture, infrastructure and security concepts and technical implementation.

• Ability to accurately break down complex security designs and patterns into component deliverables and estimate design and development timelines.