Software Security Developer in Test II - US - 19277

This details all the information about the job posting. To submit your resume, click on the 'Submit your Resume to this Job' button.

Job Title
Software Security Developer in Test II - US

Category
Quality Assurance

Requisition Code
19277

Location
US-TX-San Antonio-CSTL San Antonio, TX 78218, US

Education
Bachelor's Degree

Job Type
Full-time

Shift/Hours
Travel Required
0

Job Description
We are seeking a Software Security Developer II/III to asses or consult on the design of application architectures to provide application security recommendations to business units, including web application firewalls, application authentication, application load-balancing, application optimization, and data leakage prevention.

Responsibilities:

, Verify that application/system security posture is implemented as stated, document deviations, and determine required actions to correct those deviations
, Recommend new or revised security measures based on the results of security reviews
, Provide an accurate technical evaluation of the application, system, or network, documenting the security posture, capabilities, and vulnerabilities
, Consults with developers to gather and evaluate security requirements and translates these requirements into technical solutions.
, Collaborate with system developers/engineers to implement appropriate security design solutions during the development lifecycle
, Plan and conduct security vulnerability reviews for initial installation of applications, systems, and networks
, Develop/update security policies/requirements that meet the security objectives (confidentiality, integrity, and availability) for assigned products
, Incorporate vulnerability solutions into application/system designs (e.g., Applications Vulnerability Alerts)
, Perform security reviews and identify security gaps in security architecture
, Perform threat and vulnerability analysis whenever an application or system is being designed or undergoes a major infrastructure design change
, Perform SDL activities (threat modeling, source code reviews, infrastructure testing, and application testing) through the entire Software Development Lifecycle
, Use the Security Development Lifecycle (SDL) and Vulnerability Management practices to support all product security initiatives

The ideal candidate will have the following:

, Experience with web application security assessments, penetration testing, and host-based vulnerability assessments
, Experience with application security concepts (e.g. OWASP)
, Experience with discovering vulnerabilities such as XSS, XSRF, SQL Injection, Session Manipulation, application and network environment hardening
, Strong understanding of application security issues, especially web-based applications and web services (REST/SOAP)
, Development experience in Python, Rudy Rails, Java, Javascript, PHP, or other languages
, Ability to perform source code reviews and communicate analysis to technical and non-technical teams
, Knowledge of encryption standards and protocols
, Experience with authentication methodologies and protocols
, Knowledge of network and web protocols (http, ipsec, tcp/ip, etc)
, Database knowledge in MySQL or Oracle strongly preferred
, Knowledge of methods for evaluating, implementing, and disseminating security tools and procedures
, Knowledge of network security architecture, including the application of Defense-In-Depth principles
, Knowledge of system design tools, methods, and techniques, including automated systems analysis and design tools
, Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes
, Knowledge of security principles and methods and how they apply to a Cloud environment
, Knowledge of critical protocols and cryptography (e.g., IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)
, Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
, Knowledge of network access and authorization (e.g., public key infrastructure)
, Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
, Experience in software development or engineering
, 7+ years in systems testing and evaluation methods, software development, software engineering, dev/ops, system administration, security consulting or a combination of these.
, Bachelor,s degree in Computer Science, Computer Engineering, or closely related field.
, CISSP and/or CISM preferred.

Rackspace, a world leader in hosting delivers enterprise-level managed hosting, cloud hosting, and e-mail hosting services to businesses of all types and sizes globally. Today we serve thousands of customers from data centers around the world. Rackspace integrates the industry's best technologies and practices for each customer's specific needs delivering it as a service via the company's commitment to Fanatical Support®. We serve as an extension of our customers' IT departments enabling them to focus on their core business. Rackspace was founded in 1998 and since then has had significant growth year after year. There are now over 4,000 Rackers employed worldwide dedicated to providing customers our premier hosting services.

Rackspace Hosting is an Equal Opportunity Employer

The above information has been designed to indicate the general nature and level of work performed by employees in this classification. It is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the employee assigned to this job.

 
Job Requirements

#LI-LM2
Skills
Type of Job(*US Only)
0