Job Summary We are seeking a Senior Software Security Engineer to support and advance the organization's Secure Software Development Program. This role will be responsible for integrating security throughout the software development lifecycle, providing application security guidance, conducting security assessments, and implementing security controls that strengthen the organization's overall security posture. The ideal candidate will have a strong background in application security, secure software development, threat modeling, and vulnerability management, combined with the ability to collaborate effectively with engineering and product teams. Key Responsibilities Contribute to the design, implementation, and continuous improvement of the Secure Software Development Program. Develop, maintain, and enforce software security policies, standards, and best practices. Provide security architecture guidance and recommendations to engineering and product teams. Perform application security testing, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Penetration Testing Partner with development teams to integrate security practices throughout the software development lifecycle (SDLC). Identify, assess, prioritize, and support remediation of application vulnerabilities and security defects. Analyze application security data and translate findings into actionable recommendations. Conduct code reviews and provide secure coding guidance to development teams. Support secure coding initiatives through training, documentation, and knowledge-sharing activities. Participate in threat modeling exercises and architectural security reviews. Perform risk assessments and define security requirements for applications and services. Implement, configure, and scale enterprise application security tools, services, and controls. Collaborate with stakeholders to balance security requirements with business and development objectives. Support continuous improvement initiatives focused on enhancing application security maturity and capabilities. Required Qualifications Experience in Software Security Assurance, Application Security, or related cybersecurity disciplines. Strong understanding of secure software development lifecycle (SSDLC) principles. Experience working with application security technologies and tools, including: Static Application Security Testing (SAST) Software Composition Analysis (SCA) Secrets Management Solutions Strong software development or application engineering background. Knowledge of common application vulnerabilities, attack vectors, and exploitation techniques. Experience implementing secure coding practices and remediation strategies. Understanding of secure software design principles and application architecture. Experience integrating security controls and practices into Agile development environments. Experience with: Code reviews Threat modeling Security requirements analysis Architectural risk assessments Strong analytical, troubleshooting, and problem-solving skills. Excellent communication and stakeholder collaboration skills. Ability to analyze complex security data and provide actionable recommendations. Preferred Qualifications 2+ years of hands-on experience with: Static analysis tools Threat modeling methodologies Application security assessment technologies Experience implementing and scaling enterprise-grade application security programs and tooling. Experience supporting cloud-native and modern application architectures. Familiarity with DevSecOps practices and automated security testing pipelines. Experience supporting enterprise software development environments. Certifications No certifications specifically required; relevant application security and cybersecurity certifications are considered a plus. Primary Skills Application Security Software Security Assurance Secure Software Development Lifecycle (SSDLC) Secure Coding Practices Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modeling Penetration Testing Code Review Security Architecture Vulnerability Management DevSecOps OWASP NIST CIS Controls Architectural Risk Assessment Security Requirements Analysis Agile Security Integration Enterprise Application Security Tools Education: Bachelors Degree
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: compun
- Position Id: TIWDC5818392
- Posted 15 hours ago
Never miss an opportunity! Create an alert based on the job you applied for.
