Please direct your responses to: lori.itani@fisglobal.com
SOFTWARE SECURITY LEAD - Mobile (Job# 1503397)
JOB SUMMARY:
This is a key hands-on position leading the effort to analyze and remedy security issues around mobile, web, and server software applications, as well as internal and external supporting tools. You will guide the team through the whole security development life cycle, by developing best practices, performing scans, managing escalations, designing and implementing security measures, providing supporting documentation, and driving security-related capabilities and tooling. You will also work closely with software architects, developers, product managers, as well as QA and operational teams. Additionally, you will co-ordinate around security issues with affiliated technical teams and other engineering groups.
RESPONSIBILITIES:
* Expert / Lead role that includes team leadership (teacher/mentor/coach) responsibilities, as well as leading and managing projects
* Try to break our systems and APIs, then ensure no one else can
* Perform internal scans, evaluate 3rd party scans, analyze results, and prepare action plans
* Develop and deliver security roadmaps to communicate security state and address top risks across products
* Conduct security reviews of application architectures to assess technical and business risk, identify threats and vulnerabilities, and propose solutions
* Understand and evangelize industry best practices, drive internal awareness sessions and workshops
* Keep up to date on latest attack trends and methods, particularly those concerning mobile and web applications
* Analyze and replicate suspected or reported attacks, using advanced industry tools
* Participate in the design process to identify thread models, perform design and code reviews
* Work hands-on to improve and extend our security frameworks
* Develop test plans for security verification and assist development teams with security testing methodologies and tools
* Analyze, design, program, debug, and modify software enhancements and/or new products
* Interact with product managers and/or users to define system requirements and/or necessary modifications
* Participate in software design meetings and analyze user needs to determine technical requirements
* Write technical specifications based on conceptual design and stated business requirements
* Write code, complete programming, and perform testing and debugging of applications using current programming languages and technologies
* Complete documentation and procedures for installation and maintenance.
* May be responsible to develop or execute project plans, budgets, and schedules and for documenting work and results.
* May deliver informational and decision-seeking presentations to technical and business groups to internal and/or external audiences
QUALIFICATIONS/ REQUIREMENTS:
* 7+ years of professional software security experience, including penetration testing and secure software development
* 3+ years of experience in application security architecture and design
* Deep understanding of security aspects of Internet technologies, architectures, and protocols: browsers, cookies, web servers, proxies, firewalls, sockets, TCP/IP. SSL, PKI, X509, SAML, OAuth
* Experience with securing either iOS or Android apps, ideally both
* Proven understanding of Cryptography and Java Security APIs
* Proficiency in Enterprise Java application architectures, and broad knowledge of security-related OSS libraries, such as Spring Security
* In-depth and hands-on experience with application servers and web service standards and technologies (REST / JAX-RS, SOAP)
* Practical experience with a range of ethical hacking tools.
* Understanding of static code analysis tools such as Fortify
* Experience with Relational databases (XML / XSL, HTML, JavaScript, JSON, UNIX / bash)
* Understanding of agile development processes - at least basic level���
* Knowledge of standards relevant to the software industry (e.g., ISO, CMM, Six Sigma)
* BS/BA in Computer Engineering, Computer Science or equivalent
* Outstanding verbal and written communication skills, as well as excellent analytical, decision-making, problem-solving, team, organizational and time management skills
* Ability to persuade and influence others on the best approach to take
* Ability to estimate work effort for project sub-plans or small projects and ensure the project is successfully completed
* Positive outlook, self-motivated strong work ethic, and responsive to internal and external clients and contacts
* Willingly to successfully fulfill the role of teacher, mentor and coach
ABOUT US
Why FIS Mobile?
Our mission is simple: create software that allows users to have an immediate connection with their money through the power of mobile.
Our business to business solution is branded for our customers - banks and retailers - so you might not have heard about FIS Mobile. But, chances are, if you've used a mobile banking app on your phone, you were using FIS Mobile software!
Our industry-leading product is only one reason you should work for FIS Mobile.
We have a creative and intellectually stimulating environment where new ideas fuel our mobile solutions engine. We have an innovation lab called "The Garage" where we can tinker and test out our new ideas. We think of FIS Mobile as an innovative, high growth, and nimble organization business operating within the stable Fortune 500 company of FIS Global, the world's preeminent provider of financial technology solutions. FIS Global's reputation as a stable Fortune 500 company and category killer in several market segments (including Mobile!) is unsurpassed globally.
Most importantly for us, we work at FIS Mobile because we like what we do, we work well together and value work-life balance.
At FIS Mobile, we believe it takes more than delivering a product in a box, it requires a passionate and dedicated workforce to develop influential and game-changing products and services.
Are you in?
We have offices in San Francisco (near BART the Ferry), Larkspur (near the Ferry) and Petaluma
This is a key hands-on position leading the effort to analyze and remedy security issues around mobile, web, and server software applications, as well as internal and external supporting tools. You will guide the team through the whole security development life cycle, by developing best practices, performing scans, managing escalations, designing and implementing security measures, providing supporting documentation, and driving security-related capabilities and tooling. You will also work closely with software architects, developers, product managers, as well as QA and operational teams. Additionally, you will co-ordinate around security issues with affiliated technical teams and other engineering groups.
RESPONSIBILITIES:
* Expert / Lead role that includes team leadership (teacher/mentor/coach) responsibilities, as well as leading and managing projects
* Try to break our systems and APIs, then ensure no one else can
* Perform internal scans, evaluate 3rd party scans, analyze results, and prepare action plans
* Develop and deliver security roadmaps to communicate security state and address top risks across products
* Conduct security reviews of application architectures to assess technical and business risk, identify threats and vulnerabilities, and propose solutions
* Understand and evangelize industry best practices, drive internal awareness sessions and workshops
* Keep up to date on latest attack trends and methods, particularly those concerning mobile and web applications
* Analyze and replicate suspected or reported attacks, using advanced industry tools
* Participate in the design process to identify thread models, perform design and code reviews
* Work hands-on to improve and extend our security frameworks
* Develop test plans for security verification and assist development teams with security testing methodologies and tools
* Analyze, design, program, debug, and modify software enhancements and/or new products
* Interact with product managers and/or users to define system requirements and/or necessary modifications
* Participate in software design meetings and analyze user needs to determine technical requirements
* Write technical specifications based on conceptual design and stated business requirements
* Write code, complete programming, and perform testing and debugging of applications using current programming languages and technologies
* Complete documentation and procedures for installation and maintenance.
* May be responsible to develop or execute project plans, budgets, and schedules and for documenting work and results.
* May deliver informational and decision-seeking presentations to technical and business groups to internal and/or external audiences
QUALIFICATIONS/ REQUIREMENTS:
* 7+ years of professional software security experience, including penetration testing and secure software development
* 3+ years of experience in application security architecture and design
* Deep understanding of security aspects of Internet technologies, architectures, and protocols: browsers, cookies, web servers, proxies, firewalls, sockets, TCP/IP. SSL, PKI, X509, SAML, OAuth
* Experience with securing either iOS or Android apps, ideally both
* Proven understanding of Cryptography and Java Security APIs
* Proficiency in Enterprise Java application architectures, and broad knowledge of security-related OSS libraries, such as Spring Security
* In-depth and hands-on experience with application servers and web service standards and technologies (REST / JAX-RS, SOAP)
* Practical experience with a range of ethical hacking tools.
* Understanding of static code analysis tools such as Fortify
* Experience with Relational databases (XML / XSL, HTML, JavaScript, JSON, UNIX / bash)
* Understanding of agile development processes - at least basic level���
* Knowledge of standards relevant to the software industry (e.g., ISO, CMM, Six Sigma)
* BS/BA in Computer Engineering, Computer Science or equivalent
* Outstanding verbal and written communication skills, as well as excellent analytical, decision-making, problem-solving, team, organizational and time management skills
* Ability to persuade and influence others on the best approach to take
* Ability to estimate work effort for project sub-plans or small projects and ensure the project is successfully completed
* Positive outlook, self-motivated strong work ethic, and responsive to internal and external clients and contacts
* Willingly to successfully fulfill the role of teacher, mentor and coach
ABOUT US
Why FIS Mobile?
Our mission is simple: create software that allows users to have an immediate connection with their money through the power of mobile.
Our business to business solution is branded for our customers - banks and retailers - so you might not have heard about FIS Mobile. But, chances are, if you've used a mobile banking app on your phone, you were using FIS Mobile software!
Our industry-leading product is only one reason you should work for FIS Mobile.
We have a creative and intellectually stimulating environment where new ideas fuel our mobile solutions engine. We have an innovation lab called "The Garage" where we can tinker and test out our new ideas. We think of FIS Mobile as an innovative, high growth, and nimble organization business operating within the stable Fortune 500 company of FIS Global, the world's preeminent provider of financial technology solutions. FIS Global's reputation as a stable Fortune 500 company and category killer in several market segments (including Mobile!) is unsurpassed globally.
Most importantly for us, we work at FIS Mobile because we like what we do, we work well together and value work-life balance.
At FIS Mobile, we believe it takes more than delivering a product in a box, it requires a passionate and dedicated workforce to develop influential and game-changing products and services.
Are you in?
We have offices in San Francisco (near BART the Ferry), Larkspur (near the Ferry) and Petaluma
__._,_.___
Posted by: KIT List Jobs <jobposting2@kitlist.org>
| Reply via web post | • | Reply to sender | • | Reply to group | • | Start a New Topic | • | Messages in this topic (1) |
****************************************************************
Join the new KIT Resources List!
You'll get job tips, notices for free or low-cost career events, services, and job fairs. Just send an email to:
KITlistResource-subscribe@yahoogroups.com
Please go to www.KITlist.org to join, post jobs, or see our FAQs. If you have any comments or questions, you can reach us KITtechmoderator@KITlist.org.
By using the KIT List you agree to comply with the Terms of Use on the site, and will not use discriminatory employment practices. The KIT List is a service of Connelly Communications, Inc.
TO UNSUBSCRIBE:
Replying to KIT emails with an "unsubscribe" request does not work.
Instead, just send an email (from the same account you used to subscribe) to KITlist-Tech-unsubscribe@yahoogroups.com. If you are still receiving emails after a few days, please email us at KITtechmoderator@KITlist.org and we will manually remove you. Thanks!
Join the new KIT Resources List!
You'll get job tips, notices for free or low-cost career events, services, and job fairs. Just send an email to:
KITlistResource-subscribe@yahoogroups.com
Please go to www.KITlist.org to join, post jobs, or see our FAQs. If you have any comments or questions, you can reach us KITtechmoderator@KITlist.org.
By using the KIT List you agree to comply with the Terms of Use on the site, and will not use discriminatory employment practices. The KIT List is a service of Connelly Communications, Inc.
TO UNSUBSCRIBE:
Replying to KIT emails with an "unsubscribe" request does not work.
Instead, just send an email (from the same account you used to subscribe) to KITlist-Tech-unsubscribe@yahoogroups.com. If you are still receiving emails after a few days, please email us at KITtechmoderator@KITlist.org and we will manually remove you. Thanks!
.
__,_._,___
No comments:
Post a Comment