Role: Sr. Security Engineer – 3696
Location : San Jose, CA
Duration: Long Term contract with possibility to convert into FTE
Job requirements :
· Must have 15 years of leading building application security infrastructure
· Excellent in designing, coding highly available, scalable, reliable services. Emphasis will be on security, concurrency, performance , web standards, service orientation
· Proficient in C++ and/or Java programming : with experience in coding for performance, and manageability of services
· Must have at least 5 years of Cryptography experience - PKI, Digital Signing, Encryption/Decryption, Key Management
· Prior hands-on experience with Key Management and HSM is highly desirable
· Must have used Crypto libraries like OpenSSL and/or JCA/JCE
· Familiar with Spring, Spring Security, Hibernate types of frameworks
· Through knowledge of HTTP, SSL, TCP/IP protocols
· Having knowledge of Linux and Hypervisor security is a big plus!
· Knowledge of OWASP TOP 10 threats like XSS, CSRF web attacks and mitigations
· Knowledge of threat modelling or other risk identification techniques
· Knowledge of system security vulnerabilities and remediation techniques
· Work in a team environment with a globally distributed team
· Assist in producing technical documentation, review them with wide audience including managers, Domain Leads, Architects, Site Ops etc.
· Knowledge of common data structures and design patterns
· Knowledge of SQL and data access patterns will be needed
· Excellent problem analysis and solving skills
· Excellent written and communication skills
· Excellent teamwork skills
· Scripting skills (e.g., Perl, Python shell scripting)
· Tools: Eclipse, maven, Git, Jenkins, Junit, Google Test etc.
· CISSP is highly desirable
· We are looking for thought leader who is passionate about security and thrive in dynamic and high pressure environment with expert in Cloud Security, Cryptography and Key Management.
· The candidate would lead security initiatives, collaborate with other domain technical leads in designing, developing and debugging security solutions.
· The candidate is expected to be a self-starter and a team player, a strong driver for results and continual improvement.
· Architect, design and implement cloud security solutions
· Work with other cross functional architects and leads like Product Management, Frameworks, Release Engineering, Quality Assurance,
· Operations teams etc. defining innovative and secure solutions that meet market needs with respect to functionality, performance, scalability, reliability,
· realistic implementation schedules, and adherence to development goals and principles
· Estimate engineering effort, plan implementation, and rollout system changes
· Identify project risks and work effectively to mitigate them
· Share release management duties on feature rollouts
· Find and help fix security/stability/scalability issues in a very time critical environment
· Support site rollouts and be available to resolve site issues
· Produce high quality technical documentation and manuals for projects for use by product development teams
· Mentor junior engineers
Om Prasad nayak | Prospance Inc | www.prospanceinc.com