Systems Architect - Security Engineer
Happy employees. Great work. No coincidence.
Learn about opportunities to join the team, share your talents and make a difference!
No matter the industry, organizations are collecting data at a faster pace than they can often handle. SAS provides everything they need to make sense of that data, manage its growth and determine what information brings the most value. Whether it’s to reduce fraud in banking, speed drugs to market in life sciences, forecast demand in retail, detect security breaches in government or identify students at risk of falling behind, SAS takes pride in making a difference.
As a security engineer in SAS's software R&D division, you will be a key contributor to efforts across R&D to implement secure software, verify its integrity, and manage the overall maturation of the software security program. Successful candidates must solve complex technical problems, work closely with engineering teams, and communicate clearly and effectively to technical audiences. This position requires a diverse set of skills including software development, technical guidance and support. As a member of the SAS Technology Office, your success will depend on your cooperative skills in working with the R&D software security team, R&D engineering teams, and others across the enterprise.
For this role, you will have the opportunity to…
- Configuration, tuning and administration of security tools used for Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Application Vulnerability Correlation (AVC)
- Develop tooling to drive automation of manual processes
- Provide guidance to development teams on secure coding best practices and resolution of security vulnerabilities
- Review security analysis tool findings with product teams and other stakeholders
- Participate in the Product Security Incident Response process
- Assess current practices and work with the security team to implement relevant changes to ensure the maturation of the R&D software security program
Do you qualify? You must have…
- Bachelor's degree in computer science or related quantitative field
- Three years of experience in professional software development
- Experience with one or more major software development environments in use at SAS: C, Java, web applications
- Experience with web-based and cloud-native architectures
- Experience with security design in large software systems
- Experience with security testing and validation tools
- Strong knowledge of industry standards for application security
- Experience with security vulnerability concepts and remediation techniques
- Experience with source control management systems and continuous integration/deployment environments.
- Ability to analyze complex data and produce easily understandable content
- Experience with agile development methodologies including Kanban and Scrum.
Preferences for this role include…
- Security-related certifications such as CSSLP, CISSP, or other relevant
- Experience with BSIMM
SAS looks not only for the right skills, but also for a cultural fit. We seek colleagues who will contribute to the unique culture that makes SAS such a great place to work. We look for the total candidate: technical skills, culture fit, relationship skills, problem solvers, good communicators and, of course, innovators. Candidates must be ready to make an impact.
- To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status.
- SAS is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
- The level of this position will be determined based on the applicant's education, skills and experience.
- Resumes may be considered in the order they are received.
- SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS, BI, Data Mining, OLAP, DW, Analytics, Business Analytics, Predictive Analytics, Statistics, Customer Intelligence, Enterprise Risk Management
Company Type: Privately Held
Company Size: 10,001+