The candidate will supervise and perform the review of software architecture, identification of security vulnerabilities, and occasionally implement remediations themselves or with coordination with development, product and cloud teams to get the work completed. They will also lead efforts to make recommendations and work with code owned by other teams to improve the overall security of the application and platform. Additionally, the candidate will lead and assist the team with automation of security testing using a suite of tools as well as manual security testing and manual review of features within the application.
Requirements / Skills
- 10+ years experience in application security
- Full stack development experience
- Scripting and automation experience using RESTful API's
- Knowledge of security principles (confidentiality, integrity, availability)
- Knowledge of SANS/CWE Top 25, OWASP Top 10 Proactive Controls and Application Security principals.
- Understanding of software architecture and design principles
- Experience with data encryption, cryptography and encryption key management
- Experience with automated and manual code auditing/vulnerability testing
- Familiarity with Cloud and cloud automation technologies (Terraform, Cloudformation, Ansible/Chef/Puppet)
- Full understanding of modern application architectures, from the browser to databases
- Experience developing large, scalable distributed applications
- Experience with DevSecOps & integrating security into pipelines using CI/CD tooling. (Jenkins, etc.)
- Development experience with python, Java, C# or other object oriented languages
- Experience with software development techniques to ensure applications are in compliance with PCI, HIPAA or FISMA.
- Experience with docker containers, kubernetes, and other container orchestration technologies
- Experience with Hadoop including Cloudera parcels, or Ambari stacks
- Experience developing and deploying software for enterprise customers
- Experience with Service Mesh architectures.
We encourage people from underrepresented groups to apply. Individuals seeking employment at DataRobot are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation.