Software Engineer III (Infrastructure/Security Engineering)
Company: Wayfair LLC
Location:
Posted on: January 30, 2019
Job Description:
Duties: Maintain, tune, and own the Web Application Firewall;
manage security to protect against external hackers; develop code using
multiple programming languages to create security features and advance
secure development frameworks; perform code reviews in PHP, Go, and
Python; teach developers about common security vulnerabilities; and
collaborate with development and product teams to develop secure products and
features for all users. Requirements: Master's degree in Computer Science,
Engineering, Information Assurance, Information Technology or related field
(willing to accept foreign education equivalent) plus two years' experience
performing application security analysis and secure code review or,
alternatively, a Bachelor's degree in Computer Science, Engineering, Information
Assurance, Information Technology, or related field (willing to accept
foreign education equivalent) and five years' experience in performing
application security analysis and secure code review. One year of experience
must include: Performing design work, web development and back-end
development using PHP, HTML, JavaScript, SQL, and Go; Employing secure
software development best practices across all platforms (desktop/mobile
web/mobile app) and hardening secure software development frameworks;
Testing and validating web application security vulnerabilities and
investigating customer facing security events by performing active and passive
testing and data validation; Interfacing with business product leaders
and engineers to securely design new features and products, and
interfacing with external vulnerability researchers and coordinating fixes
with internal developer teams; Auditing production and reviewing
pre-production full-stack application code using PHP, JavaScript, and Mustache;
Analyzing and selecting strong cipher suites to support and implement TLS
protocols to protect data in transit; Protecting customer data by
implementing industry standard authentication protocols based on OAUTH;
Protecting data at rest by implementing hashing and encryption capabilities and
by building encryption key management solutions; Protecting websites and
customers on multiple platforms against manual and automated attacks by
deploying, tuning, and maintaining web application firewalls and bot
management tools; and Performing secure code reviews of third party open source
projects to be used for internal code development, and performing secure
code reviews of in-house developed applications using PHP, JavaScript, SQL,
and Go.
Keywords: Wayfair LLC, Cambridge , Software Engineer III (Infrastructure/Security Engineering), Engineering , , Massachusetts