BETSOL is a cloud -first digital transformation and data management company offering products and IT services to enterprises in over 40 countries. BETSOL team holds several engineering patents, is recognized with industry awards, and BETSOL maintains a net promoter score that is 2x the industry average.BETSOL’s open source backup and recovery product line, Zmanda (Zmanda.com), delivers up to 80% savings in total cost of ownership (TCO) and best-in-class performance.BETSOL Global IT Services (BETSOL.com) builds and supports end-to-end enterprise solutions, reducing time-to-market for its customers.BETSOL offices are set against the vibrant backdrops of Broomfield, Colorado and Bangalore, India.We take pride in being an employee-centric organization, offering comprehensive health insurance, competitive salaries, 401K, volunteer programs, and scholarship opportunities. Office amenities include a fitness center, cafe, and recreational facilities.Learn more at betsol.comJob DescriptionSeeking a Senior Full Stack Security Engineer who is passionate about designing and building secure platforms and applications. The ideal candidate will feel comfortable working with both front-end and back-end application developers, as well as in building, automating and securing on-premise as well as cloud-based applications, preferably on the Google Cloud Platform (GCP).The selected candidate will be working with a strong team to help transform the way systems are built, secured, authorized and securely operated for continuous compliance and risk mitigation. Specifically, this candidate will help lead efforts to implement security patterns and practices with orchestration and automation tools that automate the secure configuration, verification, compliance and authorization of systems. They will be a key member of a team tasked with maturing the organization’s software development and security practices.QualificationsFamiliarity with the Chrome/Firefox/Internet Explorer development tools to see the request/repones headersBasic understanding of Http Request/Response headers for web and Restful API callsAbility to explain in detail any of the OWASP top 10 vulnerabilitiesBasics of API SecurityJWTOAUTH/OIDC/PKCEAPI replay attacksFamiliarity of any Java/Spring boot questions.High-level understanding of containers ,specifically how to create and deploy docker image in any cloud environmentFamiliarity with NodeJS any questionsFamiliarity with any Security scanning tools (SAST, DAST, SCM, Container/Cloud)Nice to have cloud development experience (Google Cloud/ AWS)ExperienceMinimum of 5+ years of total IT-related experience.3+ years implementing/utilizing Federal, Industry and Open Source Security Guidance and Secure Coding Practices (OWASP Top 10, SANS, CERT, CWE Top 25, Critical Security Controls, Cloud Security Alliance, SafeCode etc.)3+ years with both compiled and interpreted languages such as Angular, React, Node.js, Java, Spring Boot, IBM WebSphere App server, Oracle JBoss, .NET stacks3+ years with networking, infrastructure, secure application development, and security automation (DevSecOps ).3+ years of hands-on knowledge building and deploying secure complex distributed web and mobile applications.Additional InformationAll your information will be kept confidential according to EEO guidelines.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr