Engineering Lead for AlignOps, developing cloud - based solutions for the construction industry. Leading a team with strong expertise in Node.js, TypeScript, and cloud services.
About the role
- Principal Engineer delivering secure code practices for F5's BIG-IP platform. Advocating secure development and mentor junior engineers while ensuring compliance with secure coding standards.
Responsibilities
- Drive secure coding practices across the F5 BIG-IP platform by conducting code reviews
- Identify security vulnerabilities and collaborate with development teams to integrate security throughout the software development lifecycle
- Conduct comprehensive security code reviews to identify vulnerabilities and weaknesses in BIG-IP product code
- Perform manual and automated code analysis using static (SAST) and dynamic (DAST) analysis tools
- Review code for compliance with secure coding standards (OWASP, CWE/SANS Top 25, CERT)
- Analyze security implications of design decisions in application delivery, traffic management, and security modules
- Develop and maintain security coding guidelines, standards, and checklists tailored for F5 products
- Define security requirements and controls for system designs, APIs, and authentication/authorization mechanisms
- Champion secure-by-design principles across engineering teams
- Mentor junior engineers on security best practices and code review techniques
- Track security findings through resolution using Bugzilla or similar tracking systems
- Stay current with latest security threats, attack vectors, and defensive technologies
- Evaluate and recommend new security tools and methodologies to improve code security posture
- Leverage AI-powered security tools for enhanced vulnerability detection and code analysis
Requirements
- 12+ years of hands-on experience in secure code review and secure software development
- Proven track record identifying and remediating security vulnerabilities in production code
- Experience integrating security into agile software development processes
- Programming Languages: Python, Java, C/C++ (proficiency required)
- Deep understanding of secure coding principles, OWASP Top 10, CWE/SANS Top 25
- Static Analysis Tools: SonarQube, Checkmarx, Fortify, Coverity, Semgrep
- Dynamic Analysis Tools: Burp Suite, OWASP ZAP, Acunetix
- Manual code review, peer review, automated scanning integration
- Source Code Management: Git, GitHub, GitLab, Bitbucket
- SDLC Integration: CI/CD security gates, GitHub Actions, Jenkins
- Strong analytical and problem-solving skills with attention to detail
- Excellent written and verbal communication skills for technical and non-technical audiences
- Ability to articulate security risks and recommended mitigations to development teams
- Collaborative mindset with ability to influence engineering culture
Benefits
- Hybrid work options
- Equal Employment Opportunity
- Reasonable accommodations for candidates
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Join Viber's RTC team as an iOS developer optimizing call features. Engage in research and development for enhancing user connectivity.
Senior Software Engineer building AI tools at Airbnb. Driving innovation and shaping employee efficiency through LLM - powered solutions and cross - functional collaboration.
Full Stack Engineer II developing secure RESTful APIs and cloud - based solutions for REV Capital. Collaborating with teams to ensure high - quality code and system performance in a hybrid environment.
Senior Software Engineer in Treasure Data's Plazma team focusing on Hadoop/Hive & Trino solutions development. Working with a team of Big Data experts across Japan, Korea, and Canada.
Manager Software Engineering driving innovative solutions at Colliers while leading a team of developers. Collaborate on financial application design and deployment in a hybrid work environment.
Technical Lead at Modus Digital guiding development teams to deliver scalable digital solutions. Collaborating with global teams and ensuring high standards in architecture and design.
Full Stack Developer at Modus Digital collaborating globally to build cutting - edge web and mobile solutions. Focusing on complex challenges in software and system architecture.
Technical Lead for Global IT firm managing SAP BO and SAP BW/4HANA solutions. Leading a hybrid team and ensuring effective support and mentoring for engineers.
Linux Architect providing expertise in Linux technologies for global IT services firm. Responsible for design decisions and lifecycle management of Linux platforms in a hybrid setup.