Intuit Inc.
Principal Software Engineer, Small Business Cybersecurity and Fraud
Intuit Inc., Atlanta, Georgia, United States, 30383
Do you take joy in stopping bad actors in their tracks? Join the SBSEG (Small Business and Self-Employed Group) Security & Abuse Prevention team to design and develop the next generation of security and fraud protections for small businesses around the world.As part of the team, you will work with product engineers, abuse, fraud, and security specialists and data scientists to rapidly deliver tools, software components, and services that frustrate fraudsters and delight Intuit’s customers. You must be ready to learn fast and innovate. You will bring your past leadership experience to develop and coach teams to navigate through ambiguity and help teams deliver services that are secure and delightful to our customers. You will also participate in security incident management and drive root cause analysis eventually leading to the development of controls that will prevent repeated security exploitations.Responsibilities
Drive design and implementation of secure workflows for Small Business applications and servicesAssess and identify potential security risks and vulnerabilities in small business products and services deployed in multi-cloud environments and guide teams on solutions to mitigate themEnsure compliance with Intuit security standards, policies, and regulatory requirementsDevelop and implement security best practices and standards for generative AI based applications, and servicesCollaborate with other architects and stakeholders to ensure security is integrated throughout the system development lifecycle and is not an afterthoughtInnovate to boost velocity by employing a shift-left approachParticipate in security incident management and drive root cause analysis for future avoidance across IntuitDrive resolution of systemic security issues with tactical and strategic mindsetCommunicate security risks and concerns to senior leadership and stakeholders and develop plans to address themDevelop and maintain strong relationships with business domain leadership to keep track of changing business needs and prioritiesWork with application developers, users, operational leadership, and subject matter experts to understand current and future security goals. Recommend modern technology stacks to meet those goals and help engineering teams migrate towards their useMinimum Qualifications10+ years’ experience implementing, managing or governing security technologies, application security, network security, intrusion detection and digital forensicsExperience in securing generative AI workflows from data leakage, prompt injection, membership inference and model theft attacks5+ years’ experience with threat modeling for mobile applications, microservices deployed in distributed systems, web applications, serverless applications and data pipelinesProficiency in understanding security threat landscape through the application of well-known industry frameworks like OWASP top 10 for API, applications, mobile apps, LLMsStrong programming skills in languages such as Python, Java, PHP, C++, or similar, with a focus on secure coding practicesIn-depth understanding of data security technologies and identity protocols to ensure strong authentication/authorization mechanisms to help design and protect secure small business products and servicesExperience working with cross-functional teams across the organizationStrong debugging, problem solving and investigative skillsAbility to assimilate disparate information (log files, error messages etc.) and pursue leads to find root cause problemsExperience with Agile/Scrum methodologySelf-starter who can work independentlyPreferred QualificationsBachelor’s/master’s degree in MIS, Computer Science, Math, Engineering or comparable major. Equivalent experience will be consideredWell versed with secure prompt engineering techniques for Large Language models like ChatGPT, Gemini, AnthropicAbility to apply technology and consulting to boost productivity by automating repeated tasksPossess great interpersonal skills and can communicate and present complex issues with assurance and confidenceDemonstrate the use of consulting skills including questioning, listening, ideas development and influencing
#J-18808-Ljbffr
Drive design and implementation of secure workflows for Small Business applications and servicesAssess and identify potential security risks and vulnerabilities in small business products and services deployed in multi-cloud environments and guide teams on solutions to mitigate themEnsure compliance with Intuit security standards, policies, and regulatory requirementsDevelop and implement security best practices and standards for generative AI based applications, and servicesCollaborate with other architects and stakeholders to ensure security is integrated throughout the system development lifecycle and is not an afterthoughtInnovate to boost velocity by employing a shift-left approachParticipate in security incident management and drive root cause analysis for future avoidance across IntuitDrive resolution of systemic security issues with tactical and strategic mindsetCommunicate security risks and concerns to senior leadership and stakeholders and develop plans to address themDevelop and maintain strong relationships with business domain leadership to keep track of changing business needs and prioritiesWork with application developers, users, operational leadership, and subject matter experts to understand current and future security goals. Recommend modern technology stacks to meet those goals and help engineering teams migrate towards their useMinimum Qualifications10+ years’ experience implementing, managing or governing security technologies, application security, network security, intrusion detection and digital forensicsExperience in securing generative AI workflows from data leakage, prompt injection, membership inference and model theft attacks5+ years’ experience with threat modeling for mobile applications, microservices deployed in distributed systems, web applications, serverless applications and data pipelinesProficiency in understanding security threat landscape through the application of well-known industry frameworks like OWASP top 10 for API, applications, mobile apps, LLMsStrong programming skills in languages such as Python, Java, PHP, C++, or similar, with a focus on secure coding practicesIn-depth understanding of data security technologies and identity protocols to ensure strong authentication/authorization mechanisms to help design and protect secure small business products and servicesExperience working with cross-functional teams across the organizationStrong debugging, problem solving and investigative skillsAbility to assimilate disparate information (log files, error messages etc.) and pursue leads to find root cause problemsExperience with Agile/Scrum methodologySelf-starter who can work independentlyPreferred QualificationsBachelor’s/master’s degree in MIS, Computer Science, Math, Engineering or comparable major. Equivalent experience will be consideredWell versed with secure prompt engineering techniques for Large Language models like ChatGPT, Gemini, AnthropicAbility to apply technology and consulting to boost productivity by automating repeated tasksPossess great interpersonal skills and can communicate and present complex issues with assurance and confidenceDemonstrate the use of consulting skills including questioning, listening, ideas development and influencing
#J-18808-Ljbffr