Principal Software Engineer - Security Champion Reston, Virginia 02/11/2019 Apply now Characteristics: * Technical expert who has the ability to diagnose/confirm vulnerabilities or to involve additional technical expertise on an ad hoc basis. * Understands and advocates for adherence to Dell technologies vulnerability response policy for all product releases. * Awareness and monitoring of known vulnerabilities, internal and external. * Ability to define and verify resolutions themselves or to involve additional technical expertise by engaging engineering leads. * Ability to influence release plans in coordination with Product Management. Responsibilities * Collaborate with Architecture and engineering teams to provide security and governance input early in the development life-cycle. * Act as a product owner and clearly define security requirements for releases in-flight. * Work closely with security test champions in reviewing efficiency of various detection techniques and bring in continuous improvements. * Review engineering deliverables through internal security test teams and external third party vendors and help deliver secure solutions. * Interfaces with Program Management and engineering to track progress of remediation/response plans for known vulnerabilities. * Influence decision-makers in the areas of secure network design, access/authentication controls, SaaS and others. * Research, evaluate and drive next-generation security technologies and concepts to keep security ahead of the curve. * Monitor changes in the legislative, regulatory and contractual landscape to ensure that the information security program is always at least one step ahead * Mentor junior security test team members. Requirements * 10+ years of experience in security engineering, technology or an architect role for complex enterprise systems. * Strong understanding of security tenets, such as encryption/key management, network design, access control. * Knowledge of the intricacies related to DISA STIG compliance, Federal Information Processing Standards. * Hands on experience with security detection techniques and tools. Running and triaging Network, webapp and Open source code scans ( Nessus , BlackDuck, Qualys, Burp suites ..etc ) . * Ability to create threat models for complex enterprise applications. * Ability to maintain strict confidentiality. * Ability to work independently with minimum direction in a fast-paced environment as well as collaborate effectively while maintain an "options before obstacles" mindset Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here. Job Family: Engineering Job ID: R93853 * 10+ years of experience in security engineering, technology or an architect role for complex enterprise systems. * Strong understanding of security tenets, such as encryption/key management, network design, access control. * Knowledge of the intricacies related to DISA STIG compliance, Federal Information Processing Standards. * Hands on experience with security detection techniques and tools. Running and triaging Network, webapp and Open source code scans ( Nessus , BlackDuck, Qualys, Burp suites ..etc ) . * Ability to create threat models for complex enterprise applications. * Ability to maintain strict confidentiality. * Ability to work independently with minimum direction in a fast-paced environment as well as collaborate effectively while maintain an "options before obstacles" mindset