Principal Security Engineer (Positions available in both Phoenix, AZ and Santa Clara, CA)

Job ID
2017-4479
Category
Technical/Engineering
Job Location
US-CA-Santa Clara

Overview

Principal Security Engineer - Phoenix or Santa Clara Location

 

There could be 100 billion connected devices by 2025, leading towards a trillion-sensor ecosystem. 1 billion digital natives are expected to join the workforce over the next 7 years. In a hyper-connected era of mobile, cloud, big data, and the Internet of Things, future business models will depend on the security and availability of more data flowing through more systems and being accessed and used by more people.

 

Axway is a catalyst for transformation and a global leader in data flow governance. With Axway AMPLIFY™, our cloud-enabled data integration and engagement platform, leading brands better anticipate, adapt and scale to meet ever-changing customer expectations. From idea to execution, we help make the future possible for more than 11,000 organizations in 100 countries

 

Axway Security teams are critical to delivering secure applications and cloud services, protecting data for global customers in government, banking & financial services, healthcare, manufacturing and other security-conscious industries.  

 

The Principal Security Engineer is a key member of Product Security Group (PSG), a global R&D team focused on delivery of secure applications and cloud services. This position has primary responsibilities for secure code development, secure-by-default product deployment, securing cloud applications and evangelizing the secure development lifecycle (SDLC) throughout Axway’s global R&D organization.

 

This position has a role in performing vulnerability assessments, red team security penetration testing, and working with R&D development teams on solutions to security remediation and mitigation.

 

The position also requires strong customer empathy, communication and negotiation skills with customers and internal stakeholders.

Responsibilities

  • Lead product teams through the Axway Secure Development Lifecycle (SDLC)
  • Guide secure coding practices and processes
  • Guide secure architecture and secure product designs
  • Lead secure web applications delivery via industry leading AppSec practices
  • Lead, perform, and guide PEN testing (Fuzzing across internal product teams)
  • Support customers, development teams, and peers in technical analysis of tool outputs
  • Support the management, control and upgrade of selected SDLC tool suites
  • Assist Axway in incident handling and incident response for products and platforms

 

 

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology or related field.
  • Minimum of 5 years focused on product security and application development in one or more of the areas: HTTP, XML, REST, C/C++, Java, Web Servers (Apache/IIS), and Scripting languages (Javascript, Python, node.js, etc) .
  • Knowledge of the CVE, the OWASP top ten, the SANS top 25 and vulnerability remediation techniques.
  • Threat modeling, penetration testing, fuzzing techniques
  • TLS/SSL experience 
  • Excellent technical writing, documentation, and communication skills are required.  

Helpful Skills to Support the Responsibilities:

  • Technical leadership skills, coupled with strong communication skills  
  • Cloud security, secure applications on public cloud such as AWS
  • Encryption and Crypto Libraries such as JCE, OpenSSL, Bouncy Castle etc.
  • Fortify static analysis tool experience
  • Nmap, Nessus, or other attack surface tool experience
  • Vulnerability scanning and mitigation
  • Dynamic code analysis tool usage
  • Authentication and Authorization mechanics and protocols (OAuth, SAML)  
  • Ability to learn new products and technical concepts quickly
  • Experience in DevOps, DevSecOps, security automation, and continuous integration (CI/CD)
  • Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment
  • Possess or obtain within 18 months from date of hire, an information security certification such as a CISSP, CSSLP or technical SANS certificates with Axway sponsorship.

 

Position may be required to perform other duties as required. Travel requirements may be up to 15% and include international travel destinations.

Axway is a AA and EEO Employer

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.