Sr Product Security Engineer

About Blackhawk Network:

Learn more at BHN.com.

Overview:

We are highly focused on ensuring all that these platforms are architected and built using established best practices and give us a robust foundation to drive our products.

• You will be working with a team of product owners, developers, testers and product managers and contribute to the Secure development of Information Security tools, process & performing remediation of the issues.
• Implements and tunes algorithms used to monitor both machine and human behavior
• Coordinates and implements enterprise design and remediation solutions based on gathered statistics
• Collects automated progress metrics for all technology projects
• Responsible for analyzing and testing attack and penetration of Internet infrastructure and Web- based applications utilizing manual and automated tools
• Preparing clear and concise reports and documentation
• Executing troubleshooting tasks
• Creating training materials
• Automation
• SSLDC
• Application Security
• Container Security
• Dev background
• AWS Security
• Fraud and Risk framework implementations, background
• Application Security architecture review, assessment

Responsibilities:

• Security tooling development and Automation
• SSLDC
• Application Security
• Container Security
• Dev background
• AWS Security
• Fraud and Risk implementations, background
• Application Security architecture review, assessment
• Web Application, Infrastructure, Mobile Application Penetration Testing

Qualifications:

• 5+ years of experience working as a software engineer
• Knowledge of SSLDC (Secure Software Development Lifecycle), SAST, DAST, IaaC, SCA scanning and technologies
• Experience working on threat modelling, Application Security Architecture reviews, assessment, Mobile Applications Security Architecture review, assessment
• 5+ Years of experience in writing code in (Java, React, NodeJS, Python)
• 5+ Years of experience in working in public cloud environment AWS
• Knowledge of authentication and authorization topics (OAuth, SSO, RBAC, ABAC, etc.)
• Experience in Fraud and Risk framework implementations on financials
• Experience in working on Windows, Linux Operating Systems and internals
• Experience in working in Container Security
• Experience building scalable systems in a microservices environment
• Experience working with SQL databases
• Familiarity with all aspects of the software development life cycle
• Strong communication and interpersonal skills
• Familiarity with Public Cloud environment and fundamental skills AWS
• Experience working with writing automation using AWS CLI, SDK and Jenkins