Senior Security Software Developer

Summary

Join Ardent, a company committed to both employee well-being and solving customer challenges, as a Senior Security Software Developer. This remote position focuses on integrating security practices into development and deployment processes, automating security measures, and ensuring their integration into CI/CD pipelines. You will work in an agile environment, collaborating with a team to develop and maintain enterprise-grade tools and CI/CD pipelines, ensuring high security, quality, and efficiency.

Requirements

• 7 years of software development experience, including full Software Development Lifecycle, full stack applications, service-oriented architectures (micro-services), continuous integration and continuous delivery
• Experience must also include containerized applications and cloud platforms
• Solid experience writing unit, integration, and end to end tests
• Comprehensive experience implementing and integrating a variety of DevSecOps tools and technologies including Git, GitHub, GitHub Actions, Jenkins, AWS CodeBuild, Jira, Artifactory, Terraform, SonarQube, Prisma Cloud or similar and related technologies
• Must be able to work well remotely, but in an agile development environment with frequent collaboration and dynamic requirements
• BA or BS degree in Science, Technology, Engineering, or Mathematics

Responsibilities

• Integrate security practices seamlessly throughout the development and deployment processes
• Automate security measures
• Ensure security measures are ingrained in continuous integration, delivery, and deployment pipelines
• DevSecOps as well as software development
• We develop enterprise grade, production ready tools with thousands of users that we've either developed from scratch or have inherited and are actively improving upon and sharing with the enterprise
• We also manage our own set of CI/CD pipelines that we are continuously improving to increase security, quality, and efficiency
• Our tools and processes are shared across the enterprise as examples and thus need to be at very high standards
• The position requires a candidate that can be productive while working independently; able to communicate effectively with the rest of the team, plan and prioritize work, research various topics and present relevant findings, and contribute high quality production ready code
• Application development using technologies like Next.js and React, Angular, Java Spring, and Ruby on Rails
• Setting up, maintaining, and improving CI/CD pipelines for the various tools the team develops using Jenkins, Groovy, Docker, and various plugins and security scanning tools
• Deploying containerized applications to AWS EKS while providing monitoring and alerting via New Relic, Splunk, and other tools
• Developing, hardening, and sharing Docker images for use throughout the enterprise
• Researching and implementing Zero Trust architectures and strategies for our team and the enterprise
• Continuously improving our technologies and processes across our team and the enterprise within the unique constraints our customers require
• Understanding and improving security practices throughout the SDLC, including key management, security scanning, immutable workloads, code quality, etc
• Leading, communicating , and collaborating across functional borders
• Effectively present analysis, findings, and strategies to teammates and customers
• Expressing technical information clearly at different organizational levels

Preferred Qualifications

• Experience developing React and Angular web applications
• Experience with Ruby on Rails
• Experience developing APIs that will be shared and used by other applications/teams and documenting those APIs according to the Open API spec
• Experience with setting up Selenium, Cypress, or Playwright and developing e2e test suites
• Experience with "Infrastructure as Code" tools and techniques, with hands on experience setting up and tearing down environments in support of the CI/CD pipeline
• Worked with various AWS platforms, including IAM, EKS, RDS, S3, and EC2
• Proven experience managing system changes without interruption to the user
• Knowledge of Zero Trust strategies and implementation of tools and techniques to achieve Zero Trust goals
• Good verbal and written communication skills
• Experience with security automation and machine learning
• Experience using a wide variety of open source and COTS technologies and tools

Benefits

• We offer highly competitive benefits, professional development opportunities, and an exceptional culture that embraces flexibility, innovation, collaboration, and career growth
• A collective service mindset underpins our work, and a shared camaraderie to serve clients, colleagues and our communities set us apart