Product Security Automation Engineer
New York, NY
Posted Apr 20, 2022 - Requisition No. 102689
We protect Bloomberg.
The Product Security Architecture team is dedicated to making our products and technologies as secure as possible from design through development. We report into the CISO while working closely with development/engineering and other teams across the organization. Our colleagues depend on us to be application, network and host security pros. We specialize in defining security requirements, performing security assessments of our internal applications, and providing developers with remediation advice. On any given day we're pulled in to evaluate a new system, a proposed network change, or provide guidance on security/coding best practices.
What’s The Role?
As a Security Automation Engineer, you will create tools and automate testing to enable us to scale and work more effectively, integrate security into the development lifecycle, and provide visibility into our security posture.
We'll Trust You To:
- Develop and customize security testing tools to be used by the team and by developers
- Work with development teams to find ways to integrate security testing into the SDLC
- Perform code reviews of applications, manually and using static analysis tools
- Provide remediation guidance and recommendations to programmers and administrators
You'll Need To Have:
- Experience using and customizing security static analysis tools such as Fortify, AppScan, Coverity, or Checkmarx
- Experience in software security testing, methodologies and frameworks
- Familiarity with common vulnerabilities and attack vectors
- The ability to communicate complicated technical issues and the risks they pose to programmers, network engineers, system administrators and management
We'd Love To See:
- Experience providing security training to developers
- Experience as a consultant at a highly technical information security consultancy
- Experience working as a technical security architect or related security role in a company where there is a commitment to information security and technology
- Experience with common build systems such as CMake and Make
- Experience with continuous integration and test environments such as Jenkins and SonarQube
If This Sounds Like You:
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email firstname.lastname@example.org.