As a Lead Product Security Engineer within the Cybersecurity Technology Controls Organization, you serve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Carry out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions in support of the firm's business objectives.
Job Responsibilities
- Execute security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners)
- Create secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems
- Apply specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
- Mentor other engineers in the team in security best practices
- Lead delivery of continuity-related awareness, training, educational activities, and exercises
- Add to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities and skills
- Formal training or certification on software engineering concepts and applied experience
- Experience developing security engineering solutions
- Advanced knowledge in at least one programming language: Go, Python and/or Java
- Proficient in all aspects of the Software Development Life Cycle
- Advanced understanding of agile methodologies such as CI/CD, application resiliency, and security
- Practical experience in developing secure cloud native applications with any cloud provider.
Preferred qualifications, capabilities and skills
- Knowledge of banking / finance.
- Experience with client/server software architectures & networking, or microservice architectures.
- Experience using orchestration tools such as Kubernetes or Mesos.
- Experience with streaming architectures and tools (e.g. Kafka)
- Experience with infrastructure as code (e.g. Terraform)