Software Security Developer
Do you enjoy working in a fast pace environment where your feedback and expertise on security is taken seriously? Do you get excited when given the opportunity to conduct security testing? Do you like working with diverse teams with different technical backgrounds? If this sounds like you then continue to read on.
We are looking for a Product Software Security Developer who enjoys working with the best and brightest developers here at Rackspace. You will be on the front line working with developers as new technology is being developed and deployed. As part of the product team you will conduct web application and API security testing throughout the software development lifecycle looking for vulnerabilities in the application and infrastructure. Additionally, you will get the opportunity to provide ‘real world’ mitigation efforts by working closely with the development and QE teams.
In this role you will:
Work with cutting edge technology in the Cloud environment
Conduct web app, penetration testing, and host base vulnerability assessments
Work closely with the development team and embed security during the entire development lifecycle
Work closely with the Quality Engineering team to develop test cases and test libraries with security as a focus
Create new or revised security measures and document the requirements into technical solutions
Must Have’s:
5+ years experience conducting security testing (i.e. web-based, penetration testing, and host base vulnerability assessments
2+ years development experience in Javascript and Python
Experience in discovering vulnerabilities such as XSS, XSRF, SQL injection, cookie manipulation, SSL, VPN, DMZ, encryption, and more
Knowledge of encryption standards and protocols
Ability to perform code reviews and communicate analysis to technical and non-technical teams
Knowledge of network access and authorization (e.g. public key infrastructure)
Knowledge of authentication methodologies and protocols
Database knowledge in MySql or Oracle
Knowledge of network and web protocols (http, ipsec, tcp/ip, etc)
Knowledge of critical protocols (IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)
Knowledge of network security architecture, including the application of Defense-In-Depth principles
Excellent written and verbal communication skills with ability to communicate technical issues to nontechnical and technical audiences in written format
Ability to work independently, triage issues, and prioritize tasks
Strong problem solving, interpersonal, and time management skills
Bachelors degree in Computer Science, Computer Engineering, or closely related field
Nice to Have’s:
Knowledge of node.js
Technical certifications (i.e., CISSP)
Understanding of OWASP security concepts
Experience working in the cloud computing industry
Development experience in PHP and Ruby
Experience in deploying the Security Development LifeCycle
Agile project mythology experience
Rackspace Hosting is the service leader in cloud computing, and the founder of OpenStack, an open source cloud platform. However, for our employees (we call them “Rackers”) we are much more than a hosting company. Rackspace offers a vibrant company culture filled with compelling work and fun. We are as Fanatical about serving our clients as we are about building the future of technology. But, don’t take it from us… - Fortune 100 Best Companies to Work For 2008, 2009, 2011 - Forbes Top 100 Best Small Companies 2010 - Computer World’s Best Places to Work in IT 2010 - Bloomberg Business Week Top 100 Performing Technology Company 2010 - InformationWeek Top Technology Innovators Across America 2010 - Info-Tech Champion in Cloud Infrastructure 2010 Learn more at www.rackspace.com! As employees of Rackspace, we are not simply a number… we are Rackers. With that title comes a responsibility that we all feel. It’s a responsibility to embody and live the values that make our organization unique and special. It’s also a natural responsibility because the values we embrace were created by us in the first place. Learn more about our culture at rackertalent.com.
