Product Security Engineer
Company: NSS
Location: Virginia Beach
Posted on: April 28, 2024
Job Description:
We are working on a project that tackles the problem of managing
large-scale IT networks. We are seeking talented and highly
motivated engineers to join us in bringing this project to a larger
audience. You would be responsible for helping to create, evolve,
document, and implement security development and deployment
practices for a product that's delivered both on-premises as well
as to the cloud.
Our product is a .NET Core application (with some TypeScript and
Python components backed primarily by PostgreSQL, that serves both
a web frontend and REST API. The application source is hosted in
GitLab, and we use merge requests and GitLab CI to manage our code
contribution workflows.
Things we really need
- Experience maintaining a secure software supply chain
(monitoring for CVEs, creating SBOMs, etc.)
- Experience evaluating security best practices and applying them
to processes and assets
- Experience reviewing code and architecture to identify
potential security issues
- Experience writing internal documentation around security
evaluations and decisions
- Experience with security monitoring infrastructure (log
analysis, web application firewalls) Things we want too
- Familiarity with writing infrastructural code in support of
security goals (abstractions, constraints, etc.)
- Familiarity with working with developers to help them learn and
self-apply secure development principals
- Familiarity with government/industry security auditing
processes
- Specific familiarity with web security concepts and best
practices (TLS/HTTPS, common web vulnerabilities, federated
authentication, etc.) Things that are extra cool
- Specific familiarity with government programs pertaining to
secure application development (STIGs, APL, NIAP)
- Specific experience with the Microsoft web application
development stack (C#, .NET, ASP.NET)
- Specific experience with AWS security tooling
- Experience with static application security analysis tools Our
end of the bargain
- Remote-first environment (if that's your thing)
- Dedicated collaborative office space in NoVA (if that's your
thing)
- We respect work/life balance
- Occasional on-site team summits
- Competitive salary and annual reviews Our perfect candidate in
summary: Someone currently working within product security but has
a background in software development, preferably .Net
Keywords: NSS, Virginia Beach , Product Security Engineer, Engineering , Virginia Beach, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...