Senior Product Security Engineer

Job Responsibilities:

• Identify potential risks, threats, vulnerabilities and exploits in applications through threat modeling, secure code review, and penetration testing
• Define information security policies and standards that support secure coding practices
• Support and ongoing development of existing in-house created technologies and solutions used by the security team.
• Support the automation of security testing and more efficient discovery, tracking, and resolution of security vulnerabilities
• Educate employees on secure coding guidelines and development best practices

Job Requirements:

• 5+ years of relevant Product Security or Application Security experience or 6+ years development experience with a focus on secure coding
• Bachelor’s degree in related field, or equivalent professional experience
• Working experience with Security Software Development Lifecycle (SDLC) process such as threat modeling, static code analysis, third party library security testing, web application and API security testing, etc.
• Proficient in writing and supporting endpoints, SPAs and traditional applications written in Python, PHP, Node.JS and client side JavaScript
• Detail-oriented and quality-driven with excellent communication and inter-personal skills
• Expertise in understanding TCP/IP, common software and web application vulnerabilities, security standards such as the OWASP Top 10 and the OWASP ASVS
• Extended knowledge of pen-test tools, vulnerability scanners, web-applications and IT-infrastructure systems
• Knowledge of development and integration tools and technologies (e.g. CI/CD)
• Knowledge of Aws, Azure or Google Cloud
• Ability to participate as a member of a 24x7 on-call rotation (low demand)
• Software Engineering experience developing/debugging is a significant plus
• Able to deliver quality results in a high-energy/high-pressure environment
• Self-motivated with the ability to perform duties with minimal supervision
• Creativity is a must!
• Relevant certifications a plus

Join us at FactSet and contribute to a team that is integral to delivering high-quality content to our clients.

Diversity

At FactSet, we celebrate diversity of thought, experience, and perspective. We are committed to disrupting bias and a transparent hiring process.  All qualified applicants will be considered for employment regardless of race, color, ancestry, ethnicity, religion, sex, national origin, gender expression, sexual orientation, age, citizenship, marital status, disability, gender identity, family status or veteran status. FactSet participates in E-Verify.

Return to Work:

Returning from a break? We are here to support you! If you have taken time out of the workforce and are looking to return, we encourage you to apply and chat with our recruiters about our available support to help you relaunch your care

Attachments