Software Security Engineer

Software Security Engineer\ \ Responsibilities \ \ \ \ Build relationships with developers, stakeholders, and scrum masters to incorporate security principles into engineering design and deployments.\ \ Supervise testing and validation in application security controls across projects.\ \ Lead threat modeling exercise, engaging technology teams in identifying, assessing and mitigating risks associated with their technical designs.\ \ Serve as a point of contact for security-based escalations and remain tightly?involved through resolution.\ \ Build services and tools to enable developers and engineers to easily use security components produced by application security team members.\ \ Simplify automation that applies security inter-workings with CI/CD pipelines.\ \ Support the ability to incorporate security controls and technologies early on and throughout the development lifecycle.\ \ Identify vulnerabilities in code and applications through automated and manual threat modeling activities.\ \ Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business,?and gain support through influential messaging.\ \ Leverage vulnerability database sources to understand the weakness, probability and remediation options supplied by vendors as well as workarounds.\ \ Regularly research and learn new?tactics, techniques and procedures (TTPs)?in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary through?the?CI/CD pipeline.\ \ Work to consistently learn and share advanced skills and practices that promote team excellence.\ \ Partner with teams to define?key performance indicators (KPIs)?and metrics across business units.\ \ \ Qualifications\ \ Required\ \ \ \ A Bachelor's degree in computer?science,?information?assurance, MIS or related field\ \ Experience with agile workflows,?such as?Scrum and?Kanban or similar\ \ Knowledge and understanding of containers (e.g.,?Docker) and container orchestration (e.g.,?Docker Swarm, Kubernetes)\ \ Able to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface while?performing rapid,?continuous?implementation\ \ Able to script in Python, Bash, Perl or PowerShell\ \ 7+ years of work experience in information technology, information security administration or security operations.\ \ \ Preferred\ \ \ \ Advanced problem solving skills and analytical skills\ \ Advanced verbal and written communication skills in relation to business risk and remediation requirements\ \ \ \ \ \ \ \ \ \ \ EEO EmployerApex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .