Tuesday, January 13, 2015

Sr. Security Engineer

Role: Sr. Security Engineer – 3696
Location : San Jose, CA
Duration: Long Term contract with  possibility to convert into  FTE

Job requirements :
·         Must have 15 years of leading building application security infrastructure
·         Excellent in designing, coding highly available, scalable, reliable services. Emphasis will be on security, concurrency, performance , web standards, service orientation
·         Proficient in C++ and/or Java programming : with experience in coding for performance, and manageability of services
·         Must have at least 5 years of Cryptography experience  - PKI, Digital Signing, Encryption/Decryption, Key Management
·         Prior hands-on experience with Key Management and HSM is highly desirable
·         Must have used Crypto libraries like OpenSSL and/or JCA/JCE
·         Familiar with Spring, Spring Security, Hibernate types of frameworks
·         Through knowledge of HTTP, SSL, TCP/IP protocols
·         Having knowledge of Linux and Hypervisor security is a big plus!
·         Knowledge of OWASP TOP 10 threats like XSS, CSRF web attacks and mitigations
·         Knowledge of threat modelling or other risk identification techniques
·         Knowledge of system security vulnerabilities and remediation techniques
·         Work in a team environment with a globally distributed team
·         Assist in producing technical documentation, review them with wide audience including managers, Domain Leads, Architects, Site Ops etc.
·         Knowledge of common data structures and design patterns
·         Knowledge of SQL and data access patterns will be needed
·         Excellent problem analysis and solving skills
·         Excellent written and communication skills
·         Excellent teamwork skills
·         Scripting skills (e.g., Perl, Python shell scripting)
·         Tools: Eclipse, maven, Git, Jenkins, Junit, Google Test etc.
·         CISSP is highly desirable

·         We are looking for thought leader who is passionate about security and thrive in dynamic and high pressure environment with expert in Cloud Security, Cryptography and Key Management.
·         The candidate would lead security initiatives, collaborate with other domain technical leads in designing, developing and debugging security solutions.
·         The candidate is expected to be a self-starter and a team player, a strong driver for results and continual improvement.
·         Architect, design and implement cloud security solutions
·         Work with other cross functional architects and leads like Product Management, Frameworks, Release Engineering, Quality Assurance, 
·         Operations teams etc. defining innovative and secure solutions that meet market needs with respect to functionality, performance, scalability, reliability,
·         realistic implementation schedules, and adherence to development goals and principles
·         Estimate engineering effort, plan implementation, and rollout system changes
·         Identify project risks and work effectively to mitigate them
·         Share release management duties on feature rollouts
·         Find and help fix security/stability/scalability issues in a very time critical environment
·         Support site rollouts and be available to resolve site issues
·         Produce high quality technical documentation and manuals for projects for use by  product development teams
·         Mentor junior engineers

Om Prasad nayak | Prospance Inc | www.prospanceinc.com