As a Product Security Engineer within FICO s Cybersecurity organization, you will contribute your assistance and innovative ideas to the Security Tools Development team. This role provides the opportunity to develop a deep understanding of our business, work closely with security, product management, and development engineers to architect, design, select, and deploy the appropriate automated application security testing tools in the DevSecOps process " - Sr. Manager, Cyber Security
What You ll Contribute
-
Help Lead Engineers integrate Application and DevSecOps processes with CI/CD pipelines from early stages of the lifecycle.
-
Assists in development, implementation, and analysis of technical security products.
-
Implementing and understanding cloud solutions (AWS) with Infrastructure as Code tool (Terraform or Crossplane) for Security Tools (DAST, SAST, SCA, IaC, IAST, Supply Chain Security, Secrets Management, etc.)
-
Help to build CI/CD pipelines with Jenkins MPL, GitHub Actions and ArgoCD for Security Artifacts.
-
Speed Architecture with Docker and Kubernetes, along with cloud hosting providers, like AWS.
-
Act as Developer teams to cloud (AWS) integrating software service tools (Jenkins, JFrog Artifactory, GitHub Actions) into automation for on-premises, SaaS and Cloud Security Tools.
-
Help to Lead engineers to on-boarding security tools such as DAST, SAST, SCA, IaC, IAST, Supply Chain Security, Secrets Management, etc., vulnerability and open-source scanning into the Security DevSecOps life cycle for multiple tech stacks.
-
Contributing features to internally developed Cyber security tools and integrating those tools into the Security DevOps pipelines.
-
Drive technical discussions and propose best practices to Lead Engineers for DevSecOps process.
-
Help maintain stability, compatibility, scalability, interoperability, and performance of Security Tools products.
-
Learn new technologies in related areas.
What We re Seeking
-
Bachelor s or related discipline, or relevant experience in software design, development, and testing.
-
4-7 years of desired strong knowledge of programming, architecture and automation concepts, Terraform is preferred and Crossplane is expected.
-
Foundational knowledge of HashiCorp Vault for secrets management, along with experience deploying via Helm, ArgoCD, and Crossplane, is required.
-
Ability to understand and apply design with architects, principal engineers and discuss strategy/requirements with teams.
-
Ability to conduct product demonstrations and advantage installing applications on-premises, SaaS or Cloud.
-
Knowledge of Security Testing Tools (DAST, SAST, SCA, IAST, IaC, Supply Chain Security, etc.) is a plus.
Our Offer to You
-
An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
-
The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
-
Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
-
An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
