Staff Software Security Engineer
Company: Intuit, Inc
Location: Mountain View
Posted on: May 16, 2022
|
|
Job Description:
OverviewCome join the CX3 Security, Fraud Prevention, and
Technical Compliance team as a Staff Software Engineer. In your
role, you'll meaningfully and positively impact the cybersecurity
and privacy of tens of millions of users by helping to design and
build secure-by-design, privacy-by-design architectures,
infrastructure, software, and applications for our consumer tax,
personal finance management, marketing technology, and customer
success offerings, including TurboTax, Mint, and TurboTax Live.
Safety and reputation distinguish our company from the competition
and are at the core of our value proposition to our customers. Our
mission is to power prosperity around the world, and our products
must be secure to accomplish that. Alongside a world-class global
engineering and product management organization, you'll work
hands-on with stakeholders across the Intuit ecosystem to deliver
delightful, innovative customer-back outcomes while anticipating
adversaries and ensuring effective detection and defensive controls
are in place to thwart attacks and other types of abuse. As a key
member in a vibrant security and engineering organization, you will
help our organization and our company continue to build a holistic
view of how to secure our platforms and products now and as we
expand into the future. What you'll bring: 5-10 years of experience
in information security, IT risk management. Hands on experience
designing and developing server-side, web, and/or mobile
applications a plus. Ability to review, understand, and provide
actionable feedback on code, architecture designs, and
infrastructure deployments created and maintained by other
engineers and engineering teams. Proven ability to synthesize
achievable solutions from diverse inputs, alternative sources
(build / buy / partner) and complex, often ambiguous, data. Skilled
in software development lifecycle processes and high velocity agile
development. Able to operate at highly varying levels of
abstraction from business strategy to product strategy to high
level technical design to detailed technical design to
implementation. Experience with one or more common compliance
frameworks (e.g. ISO/IEC 27001:2013, NIST 800-53, PCI); focus on
deep understanding to translate controls and control intent into
consumable patterns across enterprise systems. Experience with
security testing and security testing tools. Expertise in the
Software design/architecture process. Experience with core Intuit
technologies a plus: SpringBoot and the Spring software ecosystem,
Kubernetes, AWS, Microservices architecture, CI/CD pipelines.
Strong leadership experience: Leading meetings, presenting,
technical go-to person, and cross-functional leader. Excellent
problem-solving skills: able to effectively diagnose and
troubleshoot technical and cybersecurity issues. Constant learner
and teacher: Actively stay abreast of cybersecurity, fraud
prevention, privacy, compliance, and technical trends and
standards, recommend best practices, and share learnings with the
security and engineering communities. Excellent communication
skills: Demonstrated ability to explain complex technical issues to
both technical and non-technical audiences. Business Acumen -
strategic thinking & strategy development. Building strong teams -
set and evangelize vision, facilitative leadership, attract and
retain key talent. Team/Leadership Qualifications: Team player
possessing strong analytical, problem solving and communication
skills. Strong mentoring skills. Able to influence and communicate
effectively with both technical and non-technical people.
Demonstrated ability to work with global teams across time zones.
Ability to work effectively in a fast paced, complex technical
environment. High adaptability and flexibility. Experience driving
for results across cross-functional teams while maintaining
effective working relationships. Excellent communication skills.
Communicates clearly, succinctly and persuasively to all levels of
employees, customers and management (including executives).
"Self-starter" attitude and the ability to make decisions
independently. How you will lead: Determine security, fraud
prevention, privacy, and technical compliance requirements by
evaluating business and technical plans and strategies; research
information on security and risk-prevention standards; conduct
system security and vulnerability analyses and risk assessments.
Create and maintain effective technical documentation, diagrams,
and presentations to communicate cybersecurity/fraud risks for
development teams and business users. Clearly identify and document
risks using data, expertise, experience, and common risk-assessment
methodologies (e.g. threat modelling, MITRE ATT&CK) for fellow
security professionals, engineers, and business leaders. Recommend
development and security best practices for application,
infrastructure, software development. Partner across the
organization to design and implement high-quality risk management
processes through education, consulting, and via support channels
(e.g. Slack). Ensure effective, comprehensive incident response
processes within the organization, incl. remediation and root cause
analyses. Help design and maintain effective governance programs
that ensure policy, cybersecurity, privacy, and compliance outcomes
are met and maintained at scale via automation, analytics, and
pattern development. Provide perspectives and recommendations on
leading industry trends, new and emerging technologies, the
evolving privacy and compliance landscape, and continuous process
improvements. Effectively perform knowledge transfers and train
technical and non-technical stakeholders at all levels of the
organization. Create and maintain effective technical
documentation, diagrams, and presentations to communicate
architectural options and risks, and educate development teams and
business users. Act as the technical subject matter expert:
Mentoring fellow engineers, demonstrating technical expertise, and
leading small teams solving challenging programming and
cybersecurity problems. Roughly 20-60% hands-on coding and data
analysis.
Keywords: Intuit, Inc, Mountain View , Staff Software Security Engineer, IT / Software / Systems , Mountain View, California
Click
here to apply!
|