Lead Security Developer (Java)

Dev Technology - Tampa, FL

posted 4 months ago

Full-time - Mid Level
Remote - Tampa, FL

About the position

Dev Technology Group is seeking a Lead Security Developer (Java) to play a pivotal role in implementing security solutions across all layers of our infrastructure, with a primary focus on the application layer and the interactions between systems. The ideal candidate will possess a strong background in software development and security architecture, demonstrating the ability to work both independently and collaboratively with team members. This position offers a unique opportunity to contribute to mission-critical systems that deliver significant value to end users and customers alike. In this role, you will be responsible for creating, designing, developing, and implementing robust security solutions throughout the software development lifecycle. This includes ensuring secure coding practices and data protection measures are in place. You will develop security architecture frameworks and policies specifically tailored for a microservices-based environment on AWS, and propagate these solutions across multiple development teams and various applications with differing architectural profiles. Your responsibilities will also include reviewing code scan results from multiple tools such as Anchore, WebInspect, and DBProtect, collaborating with Security Compliance staff to optimize scans. You will develop and maintain custom tools to integrate code scanning tool outputs with JIRA, implement source control integrations, and set up pipeline jobs to provide early security feedback, identifying gaps in secure coding practices. Conducting vulnerability assessments and penetration testing will be essential to identify and mitigate potential security vulnerabilities, while utilizing ethical hacking techniques to proactively address security issues within applications and infrastructure. As an advocate for security best practices, you will provide internal training and development support, implement security monitoring and alerting systems to detect and respond to security incidents in real-time, and ensure that security protocols are adhered to across the organization.

Responsibilities

  • Create, design, develop and implement robust security solutions across all stages of software development and deployment, ensuring secure coding practices and data protection.
  • Develop security architecture frameworks and policies tailored to a microservices-based environment on AWS.
  • Propagate solutions across multiple development teams and a variety of applications with different architectural profiles.
  • Review code scan results across multiple tools (Anchore, WebInspect, DBProtect) and collaborate with Security Compliance staff on ways to tune and optimize scans.
  • Develop and maintain custom tools to integrate code scanning tool outputs with JIRA.
  • Implement source control integrations and pipeline jobs to provide early security feedback and identify gaps in secure coding practices.
  • Conduct vulnerability assessments and penetration testing to identify and mitigate potential security vulnerabilities.
  • Utilize ethical hacking techniques to proactively identify and fix security vulnerabilities within applications and infrastructure.
  • Advocate and implement security best practices in coding (especially in Java, Python, and Angular), deployment, and operations, providing internal training and development support.
  • Implement security monitoring and alerting systems to detect and respond to security incidents in real-time.

Requirements

  • Bachelor's degree plus at least 7 years of experience developing in Java, Python, and Angular.
  • Demonstrated experience in security protocols (e.g., TLS/SSL, IPsec, OAuth and OpenID Connect, SAML, HTTPS, Key management and Encryption Protocols).
  • Understanding of Zero Trust principles, methods and implementation.
  • Demonstrated experience with a range of AWS services and security features (e.g., IAM, VPC, CloudTrail, and Security).
  • Demonstrated experience with microservices architecture and containerization (e.g., Docker, Kubernetes).
  • Demonstrated experience implementing security controls and scans into CI/CD pipelines.
  • Understanding of network security, database management, and hardware security.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills to convey complex security concepts to non-technical and technical stakeholders.
  • Demonstrated experience overseeing projects and mentoring team members.
  • Ability and desire to collaborate with developers, ISSOs, security engineers, architects, anyone engaged in the delivery.

Nice-to-haves

  • Proficiency with ethical hacking tools and methodologies.
  • A certification such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and AWS Certified Security - Specialty.
  • Experience working on a large scale project with multiple teams.
  • Experience on a federal government project.

Benefits

  • Generous and flexible time-off policy
  • Flexible work schedules and telework options, including remote work availability for eligible projects
  • Career development opportunities including a mentorship program, technical and management training through Dev University, hands-on learning through DevLab, tuition reimbursement, and paid training opportunities
  • Industry-leading benefits including a choice of two health plans that include dental and vision, flexible spending account, commuter benefits, life insurance, and more
  • 401K matching with immediate vesting and end of year profit sharing
  • Regular team and company social events including our annual party, happy hours, fitness challenges, and more
  • A focus on community engagement including company wide support activities, employer match for donations, and time off for volunteer efforts

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service