Software Security Engineer

Date: Nov 12, 2022

Location: Remote Work Available, PR

At Popular, we offer a wide variety of services and financial solutions to serve our communities in Puerto Rico, United States & Virgin Islands. As employees, we are dedicated to making our customers dreams come true by offering financial solutions in each stage of their life. Our extensive trajectory demonstrates the resiliency and determination of our employees to innovate, reach for the right solutions and strongly support the communities we serve; therefore, we value their diverse skills, experiences and backgrounds.

 

Are you ready for a rewarding career?

Over 8,000 people in Puerto Rico, United States and Virgin Islands work at Popular.

Come and join our community!

Full time Opportunity

General Description

Work closely with in-house software development teams and development contractors to ensure that security, privacy, and compliance requirements are planned, designed, and built into software applications expected to optimize and align application security processes and systems throughout the Secure Software Development Lifecycle.

Essential Duties and Responsibilities

  • Ensure emerging and operational applications, software, and specialized programs meet security compliance IAW laws and regulations, internal and industry security standards.  
  • Work closely with software and application in-house developers and development contractors to ensure the implementation of security standards and benchmarks. 
  • Building relationships with software architects, developers, and engineers to create a culture of secure coding.
  • Developing and embedding secure design patterns, coding standards, and education, within the development process.
  • Build, deploy, and automate comprehensive application security testing capabilities.
  • Application security assessments, including code reviews, architecture reviews, threat modeling, and penetration testing.

Minimum Education

Bachelor's Degree

Experience

More than ten years of experience in software development and more than three years of experience in security aspects of software engineering.

Preferred Certifications and Licenses (1 or more)

  • AWS DevOps Engineer; Microsoft AZ-400
  • CISSP, CISM, CGEIT, GSEC, CASP+, CRISC, CCSP

Competencies

Accountability
Analytical Discipline
Business Excellence
Change Agent
Character
Collaboration & Teamwork
Customer Centric
Self Development

Other Qualifications

  • Advanced skillsets supporting an engineering focused approach to solving common security problems.
  • Advanced knowledge and understanding of programming languages such as .Net C#, Java and JavaScript and the corresponding secure coding best practices is essential.
  • Working knowledge developing and securing web APIs, web services and web applications using a risk-based approach and best practices..
  • Experience with REST, SOAP or gRPC.
  •  Hands-on experience with CI/CD tools such as GitLab, Jenkins, Nexus, Harness, Artifactory, or comparable substitutes.
  • Advanced knowledge of leveraging various application security testing tools in the areas of SAST, DAST, IAST & SCA such as BurpSuite, Appscan, Veracode, Qualys WAS, HP Web Inspect, Checkmarx, WhiteSource, DevTools, Fiddler, OWASP Zap, Metasploit, BeeF, SQLMap, or various other commercial standard offerings for application security testing and analysis.
  • Strong background in integrating security controls into several areas in the SDLC process.
  • Hands-on experience introducing security controls with automation into a CI/CD pipeline is a plus
  • Experience leveraging secure development frameworks and best practices like OWASP, STRIDE, OCTAVE, BSIMM, or OpenSAMM.
  • Working knowledge of encryption, hashing, key management and secrets management.
  • Working knowledge of authentication and authorization using Active Directory (LDAP and NTLM), OAuth, OpenID Connect, SAML, and Jason Web Tokens.

Important: The candidate must provide evidence of academic preparation or courses related to the job posting, if necessary.

 

If you have a disability and need assistance with the application process, please contact us asesorialaboral@popular.com. This email inbox is monitored for such types of requests only. All information you provide will be kept confidential and will be used only to the extent required to provide needed exemptions or reasonable accommodations. Any other correspondence will not receive a response.

 

As Puerto Rico’s leading financial institution, we reaffirm our commitment to always offer essential financial services and solutions for our customers, including during emergency situations and/or natural disasters. Popular’s employees are considered essential workers, whose role is critical in the continuity of these important services even under such circumstances. By applying to this position, you acknowledge that Popular may require your services during and immediately after any such events.

 

          .

 

Popular is an Equal Opportunity Employer

Learn more about us at www.popular.com and keep updated with our latest job postings at www.jobs.popular.com.

Connect with us!

LinkedIn |   Facebook   |   Twitter   |   Instagram


Job Segment: Sales Consultant, Sales