Broadstaff · 2 days ago
Security Engineer IV
Responsibilities
Conduct security assessments on both Consumer and Business products and solutions
Help create, define, and implement security controls and tooling
Manage multiple projects to support internal business unit security requirements
Work with security stakeholders in other areas of the business
Help implement Secure Software Development Lifecycle (SSDLC) practices and automation
Perform security design/code reviews and vulnerability assessments
Provide security guidance to Engineering and Product teams
Build threat models and participate in risk assessments
Contribute to security architecture and processes for secure code development and deployment
Provide expertise on encryption, security controls, and secure design practices
Contribute to security policy, standards, and guidelines
Evaluate and operationalize new technologies for securing the organization
Assist in creating product security inventory and lifecycle
Train and mentor new hires and junior Product Security Architects
Train and mentor Security Champions throughout development
Share thought leadership in product and application security
Create security user stories and test cases tailored to product attributes
Support and advise product owner and development teams on technical feasibility, readiness, and compliance
Qualifications
Required
Bachelor's degree in a relevant field OR equivalent combination of education, training, and experience
Experience with security requirements analysis, threat modeling, design reviews, and security best practices
Preferred
Good understanding of mobile application security
Hands-on experience with application penetration testing
Experience securing cloud services (e.g., AWS, Azure, GCP)
Understanding of Docker, Kubernetes, and CI/CD pipelines
Hands-on experience with security testing (e.g., SAST, DAST, Pen testing)
Familiarity with OWASP Top 10, CIS Top 20
Knowledge of authentication protocols (e.g., OID, OAuth2.0, SAML)
Understanding of application security vulnerabilities and countermeasures
Excellent written and verbal communication skills
Ability to prioritize and execute multiple work streams
Experience with application programming and software development lifecycle
Excellent organizational and interpersonal skills
One or more relevant certifications (e.g., CISSP, CISM, SANS, CCSK, CCSP, Ethical Hacker cert)