Senior Secure Software Engineer/Solutions Architect

I

IQUASAR LLC

Senior Secure Software Engineer/Solutions Architect

Fort Rucker, AL
Full Time
Paid
  • Responsibilities

    We are seeking a highly experienced Secure Software Engineer with deep expertise in application security, vulnerability assessment, and secure software development. The ideal candidate will be responsible for designing, developing, and testing secure software applications to ensure resilience against emerging cyber threats. This role requires advanced knowledge of secure coding practices, security testing tools, and regulatory compliance standards. Prior experience in the electric and/or water utility sector is strongly preferred.

    Key Responsibilities:

    Design and develop secure software applications with integrated security features and hardened architectures

    Conduct vulnerability assessments and penetration testing of custom and third-party applications

    Provide remediation support for identified vulnerabilities and work closely with development teams to integrate fixes

    Collaborate with cross-functional teams (DevOps, Cloud, Infrastructure, QA, and Compliance) to ensure secure application delivery

    Conduct code reviews to ensure adherence to secure coding standards (e.g., OWASP Top 10, NIST 800-53, CIS Benchmarks)

    Develop and maintain documentation for secure development practices, risk mitigation steps, and security controls

    Participate in incident response activities related to application and software security threats

    Lead or support dependency and event management for critical applications and third-party libraries

    Stay up-to-date on current and emerging threats, tools, and security technologies to inform continuous improvement

    Ensure application compliance with industry standards and regulations (e.g., NERC CIP, FISMA, GDPR, CCPA)

    Qualifications Required:

    Minimum 7 years of professional experience in cybersecurity, software security engineering, or application security

    Demonstrated experience with:

    Secure software design and development

    Vulnerability assessments and penetration testing

    Incident response and remediation support

    Dependency/event management

    Proficiency with secure development lifecycle (SDL), static and dynamic code analysis tools (e.g., SonarQube, Fortify, Veracode)

    Strong knowledge of at least one programming language (e.g., Java, C#, Python, JavaScript)

    Familiarity with security tools such as Burp Suite, Nessus, Metasploit, or similar

    Working knowledge of security compliance frameworks and best practices

    Preferred:

    Specialized experience in the electric and/or water utility sector

    Certifications such as CISSP, CSSLP, OSCP, CEH, or GIAC GWAPT

    Experience working within regulated environments (e.g., NERC CIP, HIPAA, PCI-DSS)

    This is a remote position.