Senior Software Security Lead Engineer

Summary

Join Accela, Inc. as a Lead Software Engineer and play a critical role in ensuring the security and integrity of our software applications. Lead a Scrum team in developing new features and improving core applications, conducting comprehensive web application security evaluations, and defining rigorous security requirements. Develop and implement effective vulnerability remediations, take ownership of key services, and guide the team throughout the product development lifecycle. Collaborate with various teams, contribute to the SDLC, transform ideas into high-quality products, and assess emerging software technologies. Provide production support when needed. This role requires strong leadership, technical expertise, and collaboration skills.

Requirements

• Bachelor's degree or equivalent experience in Computer Science, Information Security, or a related field and at least 10+ years of professional development experience as a software engineer
• Proven experience in application security, including secure coding practices, vulnerability assessment, and penetration testing
• Expert knowledge and understanding of secure software development principles and methodologies
• At least 10 years of experience in commonly used programming languages and associated security vulnerabilities and controls
• Team Leadership or Principal Engineer experience
• Strong experience with Java Unit Testing Frameworks and Tools such as JUnit, TestNG, Mockito, etc
• Experience working in continuous integration and continuous deployment systems (CI/CD)
• Experience and ability to coach, mentor, and train junior team members
• Ability to demonstrate technical leadership and decision-making
• Analytical thinking - able to simplify complex problems, processes, or projects into component parts, explore and evaluate them systematically
• Independent thinker with creative, resourceful, and proactive problem-solving skills
• Ability to work both independently and as a team player
• Experience and understanding of software source control systems, preferably Git
• Good understanding & working experience in cloud computing platforms such as Azure Cloud
• Strong communication skills, both verbal and written, with the ability to convey complex security concepts to technical and non-technical stakeholders

Responsibilities

• Lead a Scrum team, focusing on the development of new features, refactoring, and improvement of core applications
• Conduct comprehensive evaluations of web application security, including in-depth analysis of OWASP Top Ten vulnerabilities and effective mitigation techniques
• Define rigorous security requirements and lead detailed analysis, emphasizing secure coding practices, vulnerability assessment, and penetration testing
• Develop and implement effective remediations for vulnerabilities using cutting-edge security assessment tools such as SAST/DAST vulnerability scanners and penetration testing frameworks
• Take ownership of key services and design complex architectural deliverables, demonstrating both breadth and depth of knowledge in building software products and services
• Guide the team throughout product development by actively engaging in Daily Scrum, Sprint Planning, and Backlog Grooming sessions
• Define requirements and lead analysis and grooming for Scrum team deliverables
• Perform meticulous Code Reviews, craft robust unit tests, document code, and implement software best practices
• Collaborate seamlessly with QA engineers to design and execute testing protocols aimed at identifying and rectifying defects and performance impacts efficiently
• Build and maintain excellent working relationships with peers across multiple departments, including QA, Development, Project Management, and User Experience (UX)
• Collaborate with architects and other technical leaders to develop robust enterprise-level solutions impacting multiple services
• Contribute actively to the entire Software Development Life Cycle (SDLC) from ideation and design to full implementation, release, and deployment
• Transform innovative ideas into prototypes and refine prototypes into high-quality products
• Assess emerging software technologies and evaluate third-party solutions to identify and integrate best-suited solutions
• Provide production support of services when required

Preferred Qualifications

• Relevant certifications (e.g., CISSP, CEH, OSCP) are a plus
• Docker/containerization
• Experience working with microservices architecture/SOA
• Enterprise SAAS systems

Benefits

• Accela offers a competitive salary and benefits in line with local standards
• Accela is a “remote-first” organization and offers remote work options where feasible so employees can work in an environment that sparks motivation and creativity
• Additionally, Accela offers generous paid time off with paid holidays, paid annual leave, paid “wellness days” offered sporadically throughout the year to focus on rest and relaxation, and a company “soft-close” during the week between Christmas Day and New Year’s Day
• Accela encourages and practices promoting from within to enable employees to hone or expand their skill set, contribute more value to the company, and grow
• In addition, Accela offers non-promotional learning and development opportunities for skills enhancement through on-the-job training and internal and external education, including a paid LinkedIn Learning subscription to all employees
• As a global company, Accela employees have the opportunity to work closely with international teams, providing a broader perspective and a chance to develop a global network