JOB TITLE: Senior Software Engineer (Cybersecurity Focus)
JOB SUMMARY
Under general direction, participates as a high-level technical expert in design, development, coding, testing, and debugging new application software as well as significant enhancements to existing application software for internal and external customers. Works with technical staff to understand problems with software and develops specifications to resolve them. Develops and/or provides technical leadership in the development of software involving application of new technologies with significant technical risk. Additionally, this role incorporates a strong cybersecurity focus, ensuring secure coding practices, risk assessment, and compliance with industry security standards to protect applications from threats and vulnerabilities.
ESSENTIAL DUTIES
- Lead development activities that support compliance with cybersecurity objectives, including secure-by-design (ISO 81001-5-1) and data privacy (HIPAA, GDPR).
- Conduct security assessments and threat modeling to identify potential risks and recommend mitigation strategies.
- Implement and enforce secure coding practices to protect against vulnerabilities such as SQL injection, cross-site scripting (XSS), and buffer overflows.
- Collaborate with DevOps teams to integrate security into CI/CD pipelines, enhancing security automation and monitoring.
- Design and implement identity and access management (IAM) solutions, including role-based access control (RBAC) and multifactor authentication (MFA).
- Provide input to security incident response plans and actively participate in security audits and compliance assessments.
- Implement security logging, monitoring, and alerting strategies to proactively detect and respond to security threats.
- Act as high-level technical expert, addressing problems of systems integration, compatibility, and multiple platforms.
- Lead a development team in the design of highly complex software systems for internal and external customers and is responsible for project completion as required.
- Designs, develops, operates and maintains software components and software systems to apply to, and integrate with engineering, scientific, regulatory, and manufacturing requirements.
- Independently design and develop new software products or major enhancements to existing software for internal and external customers.
- Provides functional and empirical analysis related to the design, development, and implementation of software systems, including, but not limited to, utility software, development software, and diagnostic software.
- Perform feasibility analysis on potential future projects for management.
- Performs and approves code and test reviews.
- Exercise considerable latitude in determining technical objectives of assignment. Advances new techniques or advances the state-of-the-art.
- Demonstrates expert computer science fundamentals such as design patterns, data structures, OOP and software design.
- Mentors less-experienced software development staff.
- Defines software development best practices.
OTHER DUTIES AND RESPONSIBILITIES
- Represent the organization as the prime technical contact on contracts and projects. Interact with senior external personnel on significant technical matters often requiring coordination between organizations.
- May act as team leader on complex projects.
- May participate in the development of test strategies, devices, and systems.
- Holds self and team accountable for adherence to Agile principles and practices.
MINIMUM QUALIFICATION REQUIREMENTS
Education
Bachelor's degree in Computer Science, Cybersecurity, or equivalent of education and experience sufficient to successfully perform the essential functions of the job may be considered.
Experience
Minimum 8 years of professional experience in software engineering, with at least 3 years of dedicated experience in cybersecurity, focusing on secure software development, threat mitigation, and compliance with industry security standards.
- Must have experience with mission critical applications, preferably medical products or devices.
- Knowledge of regulatory requirements preferred.
Skills
- Cybersecurity frameworks and compliance knowledge (NIST, ISO 27001, HIPAA, GDPR, ISO 81001-5-1) desired.
- Proficiency in threat modeling, security risk assessments, and penetration testing.
- Experience in implementing security in microservices architectures, API security, and OAuth authentication.
- Knowledge of secure DevOps (DevSecOps) and security automation tools such as SAST, DAST, and dependency scanning.
- Experience with zero-trust security models and network segmentation strategies.
- Ability to perform forensic analysis and incident handling for security breaches and vulnerabilities.
- Expertise in C with a strong understanding of object-oriented design.
- Proficient in front-end development with React, Angular - Angular preferred.
- Proficient with databases such as MySQL, Azure SQL, NoSQL and/or Redis Cache.
- Skilled in unit and component level testing.
- Experienced in software design, patterns, and architecture.
- Experience with microservice architectures, containerization (Docker, Kubernetes), and event-driven systems using message buses like RabbitMQ.
-Or-
An equivalent competency level acquired through a variation of these qualifications may be considered.
PHYSICAL REQUIREMENTS
Typical Office Environment requirements include: reading, speaking, hearing, close vision, traverse, bending, sitting, and occasional lifting up to 20 pounds.
The physical demands described here are representative of those that must be met by an associate to successfully perform the essential duties of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.