This position is as a Software Engineer lead working in interoperability and data exchange products. The successful candidate will be responsible for driving security in our product portfolio. Job responsibilities will be as below
Develop high quality software in C++/OOAD following secure coding practices.
Architect security into software modules.
Develop Fuzzers and Fuzz Testing techniques.
Implement Static Code Analysis using tools such as Coverity, Sonar Qube.
Monitor and mitigate vulnerabilities resulting from use of Free & Open-Source Software libraries.
Develop and maintain documentation related to secure software development policies, processes, procedures and reports.
Code review the work of peers by keeping an eye on coding standards and following security best practices
Advocate and police security processes
Produce high quality Requirements, Functional, Design and Test specifications
Prerequisites and Essential functions:
Bachelor’s or Master’s degree in Computer Science, Engineering, or other numerate discipline from a reputed institute.
5-10 years software development experience in software product organization
Strong knowledge of security frameworks (OWASP, SANS CWE), secure coding practices, information security principles & architecture and industry specific auditory frameworks
Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
Experience with fuzzing, buffer overflows, and other common exploit methodologies
Experience with Static Code Analysis tools.
Expertise in C++ and Visual Studio
Expertise in object-oriented design (OOD)
Good analytical and problem-solving skills.
Excellent communication and team working skills.
Desirable Skills and Knowledge:
Software Programming & Design:
One or more years in designing, developing and deploying cloud based solutions using AWS
Experience with penetration testing technologies such as Burp Suite.
Interest in CAD / 3D geometry systems
Ability to effectively communicate and work with Product and Security professionals.
Excellent communication – verbal and written, in English.•
Organization and time management.
An energetic and proactive approach
Clear thinking and analytical problem-solving skills