Senior Software Developer - Security Focus

Introduction
We are seeking a skilled and experienced Java/Go Developer with a strong background in security to join our team. The ideal candidate will have a deep understanding of secure coding practices and be able to analyze identify and respond to vulnerabilities within the codebase. As a Developer you will work closely with the DevOps and security teams to ensure our applications are secure and resilient against potential threats.

Your Role and Responsibilities
* Design develop and optimize software applications using Java and Go ensuring all code is robust efficient and secure.
* Perform comprehensive security assessments and code reviews to uncover potential vulnerabilities and weaknesses in the application code.
* Evaluate security vulnerabilities identified by automated tools external audits or internal testing and apply necessary code changes and patches to address them.
* Champion secure coding standards and best practices within development teams providing guidance and training on security-related topics.
* Work closely with developers security teams and other stakeholders to design and implement secure software solutions participating in threat modeling risk assessments and security architecture reviews.
* Develop and manage security tools and automation scripts to integrate vulnerability checks into continuous integration/continuous deployment (CI/CD) pipelines.

Required Technical and Professional Expertise
* Strong programming experience in Java or Go (at least 2 years).
* Knowledge of industry standards regarding vulnerability management (i.e. Common Vulnerability Scoring System (CVSS) and Common Vulnerability and Exposures (CVE)).
* Experience with static and dynamic code analysis tools (e.g. OWASP ZAP).
* Knowledge of secure coding practices and frameworks (e.g. Spring Security JWT OAuth).
* Knowledge and experience with secure deployment of applications within a cloud environment.
* Knowledge of Agile methodologies.

Preferred Technical and Professional Expertise
* Experience in vulnerability management and penetration testing.
* Understanding of cryptographic principles and secure communication protocols.
* Familiarity with container security (Kubernetes Red Hat OpenShift Container Platform).
* Ability to manage the security vulnerabilities and risks across the organization including identifying and supporting application/system owners to manage risks and remediate vulnerabilities.
* Knowledge of security concepts such as cyber-attacks and techniques threat vectors risk management threat management and incident management.