Senior Software Security Architect

Offer by Synchronoss Technologies

security

testing

python

About this job

Job type: Full-time
Role: System Administrator



Technologies

security, testing, python



Job description

At Synchronoss We Transform & Digitize Telecommunications, Media & Technology (TMT) Companies.

We know the TMT space. Our platforms, products, people, and partners help Telecommunications, Media, and Technology companies shift their digital business into high gear. We are helping companies create digital customer journeys that reduce cost, improve consumer satisfaction, and create new revenue.


Snapshot


The Enterprise Architecture team seeks a high-energy, motivated individual who combines solid technical credentials with a high degree of business insight for the position of Senior Software Security Architect within the Enterprise Architect’s team. You will collaborate with technology peers and business partners to embed security functions and features into all product development pipelines.


Title:  Senior Software Security Architect    

Location: Bridgewater, NJ  / Phoenix, Arizona    

How you will help:


  • Contribute to the development and deployment of a Product Security strategy for Synchronoss products to support business and customer needs.
  • Partner with software engineers and development teams on building information security requirements and specifications into Synchronoss products.
  • Facilitate compliance with product security policies, practices and legal requirements
  • Review internally developed code for advanced security issues as part of an Agile Development process and educate Product Development teams on secure coding best practices.
  • Develop and leverage automation and analytics capabilities to improve our cyber threat detection and prevention capabilities.
  • Contribute to the development and implementation of threat modeling exercises with product teams.
  • Assist with product penetration testing and interact with penetration testers and other external vendors to validate security controls.
  • Develop and maintain internal libraries that provide common implementations of critical security controls.
  • Research and evaluate new Product Security technologies for internal consumption.


It would be great if you had:


    • 10 to 15 plus years of extensive software development experience:
    • Fully competent in most of the programming languages, software engineering methodologies, and software development tools our team uses:
      • Java, Python, jUnit, SQL, Elasticsearch
      • Angular2, Node.js, HTML5, JSON
      • AWS, UNIX/Shell, Bamboo, Jenkins, Maven, Gradle
    • Extensive experience of application/product security experience in a large enterprise.
    • Demonstrated and hands-on experience in the following areas:
      • Source code auditing, penetration testing, product assessments, vulnerability research, and reverse engineering
    • Strong understanding of the software development lifecycle (SDLC).
    • Strong experience in conducting static analysis (SAST), dynamic analysis (DAST), security technical implementation guide (STIG), and fuzz testing (FUZZY) and vulnerability scans
    • Experience with various security tools and products (Fortify SCA, Fortify WebInspect, Burp Suite, Checkmarx, Nessus, IBM AppScan, etc.)
    • Experience with common security scoring systems – CVSS v3 and CWSS, and secure coding standards/best practices
    • Experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
    • Excellent verbal and written communication skills.
    • One or more of the following security certifications preferred: Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), GIAC Mobile Device Security Analyst (GMOB), Offensive Security Certified Professional (OSCP), or similar security certification(s).
    • BS in Computer Science preferred


What we offer:


·       Competitive Salary + Bonus

·       Flex Time PTO

·       Healthcare

·       401K

·       Vision

·       Dental

Synchronoss is an equal opportunity employer and prohibits discrimination, prejudice and harassment of any kind. All employment is decided on the basis of qualifications, merit, and business need.



A new version is available REFRESH