Staff Engineer, Security Job Description
Staff engineer, security
provides both hands-on and high-level guidance for defensive coding practices based on mitigation of OWASP Top 10, SANS 25 software design flaws.
Staff Engineer, Security Duties & Responsibilities
To write an effective staff engineer, security job description, begin by listing detailed duties, responsibilities and expectations. We have included staff engineer, security job description templates that you can modify and use.
Sample responsibilities for this position include:
Product support responsibility for security software including HSMs, log management, key management, and ESM solutions
Champion security throughout the development lifecycle and oversee all security and vulnerability related initiatives at both application and systems levels
Help with the design and implementation of any necessary changes to improve security and eliminate vulnerabilities
Play an active part in all governance processes, ensuring application development adheres to necessary security policies, industry standards, and meets high governance requirements
Lead ESX security team to prompt response security alert and make the technical decision and fix urgent security vulnerability and provide express patch to relieve security hole
Actively coordinate with multiple security relevant teams and contribute to ESXi security design and architecture discussions
Lead, assist and collaborate with other engineers within the team
Support the security environments in multiple data centers worldwide
Defines and enforces standards, processes and procedures within the team to better streamline the group as a whole
Participates in ROC and audit evidence collection efforts
Staff Engineer, Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Staff Engineer, Security
List any licenses or certifications required by the position: CISSP, CCSP, GIAC, AWS, PCI, SANS, SSL, AZ, CISA, VSX
Education for Staff Engineer, Security
Typically a job would require a certain level of education.
Employers hiring for the staff engineer, security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Technology, Science, Computer Engineering, Information Security, Information Technology, Electrical Engineering, Math
Skills for Staff Engineer, Security
Desired skills for staff engineer, security include:
CSRs
Certificate Authority Management to build API gateways for generating certificates
Digital Certificate Management
HSMs
KMIP
OWASP Top 10
OWASP best practices and other software vulnerabilities lists
PKI
Software development lifecycle and specifically the secure development lifecycle
TLS
Desired experience for staff engineer, security includes:
Virtualization technologies, centralized management for distributed systems are big plus
Bachelors/Degree in Computer Science or other technology field
8+ years of experience developing applications in C/C++/Python programming
Strong experience in Open Source project development and maintenance is a big plus
Experience in developing multi-threaded, client-server or distributed applications
Must be comfortable in Windows environment
Staff Engineer, Security Examples
1
Staff Engineer, Security Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of staff engineer, security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for staff engineer, security
- Develop new and improve existing processes for software development
- Evangelize application security within the product delivery process by working closely with the product and services engineering teams to drive internal security, privacy, and relevant compliance initiatives related to the development and delivery of products cloud-based applications and services to our customers
- Work on security tickets and resolve and escalate to a sr
- Ensure documentation and processes are well defined so that the engineered solutions are understood and repeatable
- Ensure solutions are well built, backed up & restore tested, and consistently maintained for health
- Certification and Accreditation of DIACAP, Risk Management Framework (RMF), and DSS accredited computer networks
- The Software QA Engineer will be part of a team responsible for developing test and automation systems for our cloud-based SaaS security software
- Serve as Technical Lead/Core Team Lead for the Definition, Design and Development of complex products
- Provide all necessary software support to project manager and other project disciplines to ensure project objectives are being met
- Conduct quantitative studies on research projects, which will justify technological and architectural strategies employed in new product development
Qualifications for staff engineer, security
- Experience in State, Local Government, Education (SLED) accounts
- Bachelor of Science in Information Technology, Management Information Systems or Risk Management OR High School Diploma with 8+ years relevant work experience
- Working experience with regulations, audit and compliance frameworks
- Experience bringing security designs and secure development practices into Agile and DevOps environments, QA teams, and Product, through implementation (use cases, technical specifications, verification and testing methods)
- Strong opinions on software security and an ability to present/defend those opinions to both technical non-technical audiences
- On the cloud to join our team
2
Staff Engineer, Security Job Description
Job Description Example
Our company is looking for a staff engineer, security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for staff engineer, security
- Independently resolve technical problems, initiating design changes and providing engineering support as per project task needs
- Operate infrastructure based security tooling and scripting
- Practical risk analysis
- Locate weak points and break into systems with a strong understanding of where the attack vectors exist
- Collaborate with neighboring security teams and compliance functions to implement consistent security safeguards and controls for the company
- Full ownership for architecting and implementing differentiating IoT security and embedded technology platforms with extremely high-levels of complexity and ambiguity in multidisciplinary projects
- Conceive, design, develop, implement and test advanced system security solutions and platforms, perform scientific experiments and lead proofs-of-concept efforts while partnering closely with Business Unit leaders to determine value propositions
- Lead the hands-on design, development and validation of a variety of IoT ecosystem proof-of-concept projects and demonstrations that align with the Innovation Organization’s roadmap
- Identify opportunities for Intellectual Property development and develop patents in relevant areas for the team and the organization
- Ability to deal with ambiguity, learn new technologies and ramp up quickly is key to being successful in this role
Qualifications for staff engineer, security
- Work with a globally distributed team of IAM team members and customers
- The candidate should have at least 8+ years R&D experience and 5+ years experience of security research or security product development in wireless network security, TRM/Trustzone
- Proven successful experience of applying security techniques to meet security requirements of a Trusted Platform Module
- The candidate should have at least 3+ year experience of supporting security/communication standard/specification organization (preferred)
- The candidate should have deep understanding of cellular network security architecture
- The candidate should have comprehensive understanding of security solution and techniques for trusted computing, virtualization and mobile application
3
Staff Engineer, Security Job Description
Job Description Example
Our company is growing rapidly and is hiring for a staff engineer, security. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for staff engineer, security
- Design, Develop & operate infrastructure based security tooling and scripting
- Collaborate and report with collaborative with tools such as Jira, Service Now, and cloud based reporting tools
- Provide technology expertise, direction, coordination and consultation in the development, integration, launch, scaling and maintenance of new and existing solutions
- Design, develop and execute automation scripts on Lambda using open source tools (Python, Lua, RaspberryPi, AWS test harness)
- Standardize the platform services and dev pipeline
- Establish infrastructure technology architectures, standards, test plans, design templates and governance
- Work with the team to define standards and frameworks with regards to coding, programming and the general development of applications for multiple platforms
- Participate in scrum print planning and story estimation
- Help drive solution team strategy by identifying critical use cases implementation plan, by working with sales, partner management, product management teams and CTO office
- Deliver reference architectures, solution guides, troubleshooting tips develop fully automated integration with security tools that can be used by sales, partners and customers
Qualifications for staff engineer, security
- Primarily responsible for planning and leading the execution of UAR campaigns
- Hands on experience with various security products for network devices, privileged account management, SIEM, encryption
- Designed/implemented Identity & Access Management (IAM) solutions for identity management, identity federation and authenticating/authorizing access to system resources
- Experience designing application access control solutions using industry access control models
- Experience making tradeoffs between product velocity and overall security, ability to line up the organization behind these
- Crypto background – encryption, hashing
4
Staff Engineer, Security Job Description
Job Description Example
Our growing company is hiring for a staff engineer, security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for staff engineer, security
- Coordinate with Corporate Product Security’s Red Team to design and execute formal penetration testing of MMS products and solutions that range from embedded devices to cloud-based solutions during deployment or implementation at customer sites
- Perform internal and external covert Red Team activities to test organizational readiness for product security incidents and events
- Implement and maintain the required support security incident response IT infrastructure and keeping the required software/hardware current to the latest development of technology and attack method
- Investigate and evaluate vulnerabilities in platform services built on both a traditional LAMP stack and the cloud with Golang
- Recommend fixes based on domain knowledge for other engineering teams
- Implement suggested fixes where possible
- Contribute considerations in implementing security controls that factor in technical implications impact on end users and other developers
- Educate others in the Security and Compliance team on methods of investigation and penetration
- Demonstrate vulnerabilities and their impact to potential stakeholders
- Review the evaluations of other engineers in the team
Qualifications for staff engineer, security
- Experience with Security protocols/features such as IEEE 802.1x, MACSec, IPSec, Traffic Policy, DOS Attack, IP ACLs, and MAC Filter
- Knowledge of Control Plane Protocols for Ethernet Switching and Routing
- Sound knowledge of IP Routing/Forwarding
- Ability to evaluate/review various aspects of architecture for developing Networking solutions
- Proficient in software development tools, source code control environment and development on Linux/Unix
- Good knowledge of networking test equipment
5
Staff Engineer, Security Job Description
Job Description Example
Our growing company is looking for a staff engineer, security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for staff engineer, security
- Coordinate user IDs re-certification activities
- Provides support to project on new security role or existing role maintenance
- Be the team leader for the security offshore team to provide guidance and manage the team
- Defines high-level conceptual designs and detailed technical designs to ensure changes properly address business requirements, follow determined architecture and appropriately leverage Sailpoint IIQ functions
- Completes complex development tasks, including creating/altering third party integrations, changing the user interface, making record changes and altering application packages to enforce robust business logic
- Leverages technical expertise and relationships to contribute to strategy and help drive business results (demonstrating thought leadership)
- Participates in peer reviews and helps to set quality standards and best practices for development and knowledge of internal and external business issues to improve products or services
- Troubleshoots major development/integration issues with other technical project staff
- Follows established enterprise development and design standards, guidelines and processes
- Creates high-quality technical documentation
Qualifications for staff engineer, security
- A successful applicant will be working with a high performing team in a fast paced and exciting environment to improve core functionality and help making Aperture a great product for our customers
- Participate in the implementation of test frameworks that will make use of cloud APIs in order to achieve maximum automation and robust test coverage
- We are looking for candidates with a right mix of development and test experience
- Knowledge of multi-threaded, distributed systems is a plus
- Experience with multi-core/multi-thread programming preferred
- Oversee the release of key features