Vaco
Security Software Engineer
Vaco, Scottsdale, Arizona, us, 85261
Are you someone who thrives in a fast-paced environment to build, deploy, and maintain cutting-edge security tooling? If so, Vaco is working with an Arizona based client to fill this important Security Engineer position that will support the application side of the business. In this role, you will play a crucial role in integrating scanning and monitoring systems for compliance, automating security processes, and guiding teams to adopt secure coding practices. Your contributions will directly impact the organization's security posture, ensuring a proactive defense against potential threats. We are looking for those that have a good background supporting Python or Java based applications and are very comfortable working with data structures and algorithms. If you love complex security challenges and want to help shape a security-first culture, please reach out to a member of the Vaco team today. We will be actively scheduling interviews over the holidays so don't wait to connect with us.
Position Responsibilities:
Security Engineering, Automation, & Orchestration:
Build and maintain security automation tools that integrate into internal codebases. Resolve vulnerabilities across teams by integrating preventative measures. Integrate security scanning and monitoring into CI/CD pipelines. Experience with Ansible and Jenkins a plus. Design regex-based pattern identification scripts to detect potential attacks.
Secure-SDLC & Codebase Review:
Lead secure-SDLC efforts, driving security-first practices across the organization. Conduct architecture reviews and source code audits for compliance with security standards.
Security Tooling:
Build and optimize log monitoring and reporting for organization-wide security visibility. Generate risk-based reports and metrics to aid in forecasting potential security incidents.
Mentorship & Leadership:
Coach development teams on secure coding and best practices, fostering a strong security culture. Take ownership of security decisions, aligning them with organizational goals and facilitating discussions on risk and change.
Position Expectations:
Automate CCPA Compliance:
Successfully design and implement automated deletion and data download portals for compliance-related projects. KPI Reporting & Risk Forecasting:
Build robust reporting systems to extract logs from New Relic, allowing for real-time security KPI tracking and risk prediction. Optimize Security Rule Sets:
Continuously fine-tune security rules to streamline operations and mitigate risks. Security Event Automation:
Automate security preventative actions in response to key alerts and indicators, enabling real-time threat containment. Incident Response:
Develop an event-driven system to kick off immediate actions and containment for suspected intrusions. Position Qualifications:
8+ years in Software/Security Engineering, with hands-on experience in secure coding and automation. Expertise in Python, JavaScript (Node, AJAX), Java, SQL, Linux Bash, XML, YAML/JSON. Experience with Docker, Kubernetes, Ansible, Jenkins, Terraform, AWS/Azure. Knowledge of data protection, CCPA, GDPR, and vulnerability management. Strong understanding of API design (REST, SOAP, GraphQL) and security. Preferred certifications: ISC2, ISACA, CompTIA, GIAC, AWS, Azure, TOGAF, SABSA credentials. Vaco values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
#J-18808-Ljbffr
Security Engineering, Automation, & Orchestration:
Build and maintain security automation tools that integrate into internal codebases. Resolve vulnerabilities across teams by integrating preventative measures. Integrate security scanning and monitoring into CI/CD pipelines. Experience with Ansible and Jenkins a plus. Design regex-based pattern identification scripts to detect potential attacks.
Secure-SDLC & Codebase Review:
Lead secure-SDLC efforts, driving security-first practices across the organization. Conduct architecture reviews and source code audits for compliance with security standards.
Security Tooling:
Build and optimize log monitoring and reporting for organization-wide security visibility. Generate risk-based reports and metrics to aid in forecasting potential security incidents.
Mentorship & Leadership:
Coach development teams on secure coding and best practices, fostering a strong security culture. Take ownership of security decisions, aligning them with organizational goals and facilitating discussions on risk and change.
Position Expectations:
Automate CCPA Compliance:
Successfully design and implement automated deletion and data download portals for compliance-related projects. KPI Reporting & Risk Forecasting:
Build robust reporting systems to extract logs from New Relic, allowing for real-time security KPI tracking and risk prediction. Optimize Security Rule Sets:
Continuously fine-tune security rules to streamline operations and mitigate risks. Security Event Automation:
Automate security preventative actions in response to key alerts and indicators, enabling real-time threat containment. Incident Response:
Develop an event-driven system to kick off immediate actions and containment for suspected intrusions. Position Qualifications:
8+ years in Software/Security Engineering, with hands-on experience in secure coding and automation. Expertise in Python, JavaScript (Node, AJAX), Java, SQL, Linux Bash, XML, YAML/JSON. Experience with Docker, Kubernetes, Ansible, Jenkins, Terraform, AWS/Azure. Knowledge of data protection, CCPA, GDPR, and vulnerability management. Strong understanding of API design (REST, SOAP, GraphQL) and security. Preferred certifications: ISC2, ISACA, CompTIA, GIAC, AWS, Azure, TOGAF, SABSA credentials. Vaco values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
#J-18808-Ljbffr