Blackboard is hiring a Senior Software Analyst Engineer to join their team. If you enjoy contributing to open source projects, analyzing the security of applications and services through Threat Modeling, discovering and addressing security issues, collaborating with customers and employees worldwide, assessing designs against relevant security threats, this position will provide you with a challenging opportunity to learn and grow. Bring your passion for learning, experimentation, and creative thinking!
And don’t forget … if your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.
Senior Software Security Engineer
The Blackboard Product Security Team is responsible for the security and availability of products offered by the Cloud, Mobile, Learn, Connect, Collaborate, Engage, and Moodlerooms divisions. We are a collegial team looking for a Senior Software Security Engineer with experience in building secure web applications to help ensure our web services, applications, and platform are designed and implemented to industry practices. Key Responsibilities include:
- Provide advice and consultancy on risk assessment, identification of relevant threats (Threat Modeling) and fixing vulnerabilities
- Define clear and testable requirements for securing new product features and security controls for a modern user experience
- Share architectural and technical guidance with product development team while maintaining a thorough understanding of products
- Master a solid understanding of the security architecture of the Blackboard Learn product suite as well as other key Blackboard products.
- Coordinate security testing, including definition of scope, coverage, and management of cross-functional remediation plans.
- Leverage automated dynamic and static analysis security tool results to support manual analysis.
- Lead source code review using static analysis tools for critical areas of the application
- Provide guidance on the design and correct implementation of planned security controls such as encryption, log management, and authentication.
- Develop prototypes of security features in the application
- Contribute to security policy, standards, and guidelines
- Develop training materials for general security awareness and specific security engineering training
Bachelor’s Degree in Computer Science or related field
- Knowledge of security testing tools and methodologies.
- Minimum of 6 years experience with any combinations of the following: penetration testing, automation, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system and network security
- Technical knowledge in web server, application server, operating system and network security
- Experience performing security reviews on: RESTful web services, Java web applications, JSON, jQuery, AJAX, OAuth
- Experience performing security reviews on: .NET, C++, Scala,
- Experience with driving infrastructure and operational security needs for a virtualized environment based on Threat Models -defining requirements for Palo Alto next-gen firewalls, IDS, IPS, platform vulnerability scanning (e.g. Nessus, nmap), etc.
- Experience working collaboratively with engineers to provide design-level assessments of security risks and corresponding mitigating controls to ensure that privacy and security needs are met in user interface and technical design (security design reviews)
- Exhibit a proactive, solutions based and resourceful approach
- Experience building scalable infrastructure software or distributed systems
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
- Strong sense of ownership, urgency, and drive
- Sharp analytical abilities and proven design skills
From our beginning as a small education technology company, Blackboard has been dedicated to improving every aspect of the education experience for millions of learners and educators around the world. We work with thousands of higher education, K-12, professional, corporate, and government organizations, providing them with tomorrow’s education experience today.
Follow-Up Contact Information
For additional information and to apply, head on over to its requisition.