Application Security Assurance Engineer

Freddie Mac
Reston, VA
Mar 19, 2019
Jun 27, 2019
Full Time
If you are an organized, detail-oriented, deadline driven, highly motivated professional with a passion for critical, technical problem solving, and able to handle multiple responsibilities in a fast-paced environment independently, then we are your next destination employer! As a member of the Software Security Group your primary function would be to identify software security vulnerabilities and work with development teams on remediation. As a member of the team, this individual will have a proven background in application security, software development and DevOps. This is an opportunity to join a fast-paced team that interacts with all areas of Freddie Mac. Prefer Local candidates to the DC Market, will entertain Remote option for the ideally qualified individual.


Your Work Falls into Four Primary Categories:

Vulnerability Identification and Remediation Support:
o Perform application security code reviews using automated tools and manual techniques
o Document your findings and follow processes for communication with application owners.
o Work with development teams to assist with vulnerability remediation, answer questions, review work performed
o Assist team members by answering questions and reviewing work performed

Operational Support:
o Provide application system account management, including password management.
o Apply broad technical knowledge and skills to analyze, develop, create and implement process improvements, trouble shooting, and operational support.
o Understand applications from a technical architecture and business goals perspective to apply Security best practices.
o Work on multiple tasks in support of one or more projects that require a singular area of expertise.

Best Practice Research and External Support:
o Maintain knowledge database articles.
o Develop training materials and conduct training sessions on the supported tools and processes.

Operations and Technology:
o Provide quality system admin support for Fortify, Black Duck, Contrast and other security tools including metrics reporting to ensure compliance and maintain best practices.
o Participate in the upgrades and patch fixes of supported tools, and partner with other IT staff to coordinate infrastructure maintenance and system migrations.
o Develop automated scripts using JAVA/.Net, REST API, Python to automate system admin functions and develop home grown utilities, tools and integrations.
o Develop requirements, test scripts and lead/participate in test execution for supported tool upgrade projects.

* 5+ years of relevant experience in application security and development
* Bachelor's degree in computer science or engineering or related experience.
* Working knowledge of Fortify, Contrast, Black Duck, SonarQube, system administration
* Solid development background in Java, JavaEE, Spring
* Strong problem solving and analytical skills
* Ability to convert business needs to technology solutions

Key to success in this role
* Works under minimal supervision, adept at multi-tasking
* Follows established directions from supervisor. Able to provide technical guidance to the team.
* Ability to work with and collaborate across teams.
* Good communication skills and team player.
* Proactive in nature with customer satisfaction as primary goal.
* Innovative in providing solutions, likes to take on challenges with calculated risk.
* Quick learner of new technologies and tools.

Top 3 Personal Competencies to possess
* Customer Focus -Engage with customers to understand and deliver on support needs.
* Seek and Embrace Change - Continuously improve work processes rather than accepting the status quo
* Growth and Development - Know or learn what is needed to deliver results and successfully compete

Preferred Skills

* Experience with SDLC and Agile methodology lifecycle
* Working knowledge of Java, Python, REST API scripting
* Excellent written and oral communication skills
* Must be a team player with great interpersonal skills
* Experience in AWS/Cloud technologies
* Certifications such as CISSP, CSSLP any Cloud, Networking or Development certs

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.

Similar jobs