Principal Application Security Engineer Rearden Commerce
THIS JOB HAS EXPIRED
Deem, Inc. delivers Commerce-as-a-Service to businesses, enabling them to save, sell and syndicate, resulting in lower costs, increased revenue and enhanced customer loyalty. Over the past year, more than $6.5 billion of relevant commerce transactions occurred across Deem. Deem is headquartered in San Francisco, CA.
This position, reporting to the Information Security Officer, is responsible for design and implementation of the application security program at Deem. Key components of the program are security architecture governance and application vulnerability management.
- The governance role includes development and maintenance of secure application coding standards and policies, participation in the integrated architecture governance program, and management of security exceptions and application risk assessments
- The vulnerability management responsibility includes both static code analysis and ongoing active vulnerability assessment
- The Principal Application Security Engineer will be responsible for driving selection, implementation and maintenance of all code analysis and vulnerability assessment tools and processes
- The individual will also provide support for PCI and other external audits of Deem applications and infrastructure as well as the network security functions
- Finally, the Principal Application Security Engineer will be responsible for acquiring, developing and delivering educational materials to ensure software engineers are well-trained in secure application development practices
- 3-5 years application development experience in a secure environment handling sensitive data
- 2+ years experience in application security (architect, tech lead or sr. engineer focused on application security)
- Demonstrated expertise in application security spanning multiple development platforms (Java/J2EE, .Net and Ruby on Rails)
- Practical experience implementing static and dynamic application vulnerability and risk assessment tools and programs
- Proven track record developing secure applications in Java and improving application security
- Excellent communication and consultative skills
- Bachelor's in CS or the equivalent
- CISSP, BSCS or MSCS certifications
- Application security program management experience
- SIEM implementation/support experience
- PCI audit preparation experience
- Hands-on secure application development experience in .Net and Ruby on Rails