Opportunity Details:
Overview:
Rearden Commerce, creator of the Deem™ commerce platform, is transforming commerce on behalf of buyers and sellers. Through a suite of interoperable smart applications, the Deem platform is designed to leverage big data, analytics and semantics technology to optimize the exchange of goods, services, and information with personalization and repeat value to drive customer loyalty. Deem is distributed globally by more than 40 strategic partners including American Express and JPMorgan Chase — connecting millions of consumers and over 35,000 business customers across every market segment to more than 1.2 million merchants. Rearden Commerce is headquartered in Foster City, California.
The Deem commerce platform is designed to connect buyers and sellers via Absolute Relevance™ technology. Deem leverages big data, social collaboration, game-mechanics, semantics and advanced machine learning to optimize the exchange of goods, services and information between buyers and sellers, resulting in the web's most personalized one-to-one marketplace.
This position, reporting to the Information Security Officer, is responsible for design and implementation of the application security program at Rearden Commerce. Key components of the program are security architecture governance and application vulnerability management. The governance role includes development and maintenance of secure application coding standards and policies, participation in the integrated architecture governance program, and management of security exceptions and application risk assessments. The vulnerability management responsibility includes both static code analysis and ongoing active vulnerability assessment.
Responsibilities:
The Principal Application Security Engineer is responsible for driving selection, implementation and maintenance of all code analysis and vulnerability assessment tools and processes. Support for PCI and other external audits of Rearden Commerce applications and infrastructure is also a part of this role. Finally, the Principal Application Security Engineer is responsible for acquiring and/or developing and delivering educational materials to ensure Rearden software engineers are well-trained in secure application development practices. This candidate will also support the network security functions.
Qualifications:
- 3-5 years application development experience in a secure environment handling sensitive data
- 2+ years experience in application security (as an architect, tech lead or senior engineer focused on application security)
- Demonstrated expertise in application security spanning multiple development platforms (ideally, Java/J2EE, .Net and Ruby on Rails)
- Practical experience implementing static and/or dynamic application vulnerability and risk assessment tools and programs
- Excellent communication and consultative skills
- Proven track record developing secure applications in Java and improving application security
- Bachelor's in CS or the equivalent
Additional Qualifications:
- CISSP, BSCS or MSCS certifications
- Application security program management experience
- SIEM implementation/support experience
- PCI audit preparation experience
- Hands-on secure application development experience in .Net and Ruby on Rails