JT: Engineer, Application and Product Security
Dur: 6 months
Loc: Westerville, OH - Onsite position
IM: Video
Visas: USC/GC/GC-EAD
The Engineer, Application and Product Security is expected to have a thorough understanding of various development environments and their respective toolchains. The center of our development processes and technology is built around GitLab. The environment and toolchain experience should span from basic DSP code development to complex cloud service deployments. This position is primarily responsible for designing, developing, and maintaining internal applications and integrations to support an automated security program. We are continuously improving automation and tool integrations to improve scalability and efficiency.
The Engineer will be involved in various development and operation activities. These activities include supporting our internally developed tools that help automate many of our day-to-day activities, enhancing our internal security processes and tools utilized by our engineering teams, supporting code repository management, static and dynamic code analysis, and helping engineering teams to troubleshoot CI/CD pipelines.
Secondary responsibilities include acting as the primary point of contact for regional engineering teams for our internal product security program and mentor juniors within the team. The engineer is expected to have a thorough understanding of complex IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies.
Key DutiesIn addition to anticipating development needs and identifying areas of inefficiency, the Engineer must respond promptly and effectively to breakdowns in the toolchain supporting the development pipeline. Other key duties include:

• Act as design authority for projects within the Application and Product Security portfolio. Engage from the idealization through the development lifecycle in project execution.
• Understand, advocate, and support the enterprise's product strategy along with assisting in the development and implementation/realization of the various product roadmaps
• Reviewing current system performance, efficiency, and security measures and recommending and implementing enhancements
• Act as a Security Engineer to work in development, operations activities daily
• Support building various tools, processes for the business and for engineering teams through various software development skills and coding practices (OOPS will be highly recommended)
• Code management and maintenance through DevOps and CI/CD pipelines
• Thorough Gitlab usage and maintenance for daily activities tracking, source code management, DevOps and CI/CD
• Support internal security team efforts, cross-functional activities
• Analyze the current portfolio to detect critical deficiencies and recommend solutions for improvement
• Ability to work in global organization with onshore as well as offshore resources
• Serve as an escalation point for security issues from development engineering teams
• Support standard security testing labs
• Support automated security testing
• Mentor juniors within the team and provide support
• Regional and Global support activities

Requirements

• A Bachelor’s Degree in Computer Engineering, Information Technology, Computer Science or related field is highly desirable.
• Five (5) years’ experience in development and deployment capacity for S/W or embedded firmware, with a focus on integrating development process and enhancing performance and reliability
• Meaningful experience with GitLab
• Technical contributor of source code in a development team to create a product or service
• Solid understanding of development tools, processes, and best practices for a wide array of products. Embedded firmware to complex cloud deployments
• Ability to interact with a broad cross-section of personnel to articulate and enforce best development process security measures
• Excellent written and verbal communication skills as well as business acumen
• Strong ability to establish good working relationships to influence change and achieve results within dynamic environment

Preferred Knowledge Experience Includes

• Lengthy experience utilizing git, svn, cvs, and other SCM solutions
• Deployment and usage of Docker, Kubernetes and/or Tanzu technologies
• Certifications/accreditations relating to development processes and methodologies preferred
• Development experience in embedded systems and/or web-based applications
• Conducting research for the purposes of understanding new tools and methodologies to support a continuously evolving DevSecOps environment
• Linux kernel build configuration and integration experience
• Linux network device driver/data-path performance experience
• Experience in object oriented programming. Preferably Python but experience with C, C , Java, .NET, and Go also beneficial.