Senior Security Engineer

OCI is a fast-growing and innovative technology consulting company needing a Senior Security Engineer to consult on client engagements and provide technical support for the security-centered design of our applications. If you are interested in a role where you become part of a project team and work collaboratively across the organization to ensure security outcomes, then this is the place for you. We are building a security culture where we help define solutions instead of just raising concerns.
The Senior Security Engineer partners with project teams to implement technical framework controls that create securely architected solutions for both our clients and internally. This role integrates security best practices with DevOps teams to help them transform into DevSecOps teams.
Who is Object Computing?
Object Computing offers team members a supportive, creative, and collaborative environment where they are encouraged to enhance their skills and employ best practices. We embrace continuous learning and professional development, and foster a community that welcomes change and growth.  We proudly build transformative software solutions by leveraging open source software and strategic partnerships with organizations such as Amazon and Google. In partnership with our clients, we help them achieve transformative business results through smart, connective technologies. Object Computing has expertise in constructing solutions in a variety of industries, including aerospace, energy, retail, transportation, and agriculture. We deliver software solutions that accelerate innovation. Our full lifecycle software engineering solutions span multiple technology domains from real-time and embedded, to large-scale integrated and distributed systems, to modern web and cloud-enabled applications.

What You Will Do

• Integrate into project teams to help Implement, maintain, monitor, and manage security practices within the IT organization, specifically the development team
• Using code and infrastructure scanning tools including SonarQube and/or Snyk to identify, prioritize, and remediate vulnerabilities in collaboration with development teams 
• Review and work with project teams to understand their systems, identify gaps in system compliance, and provide recommendations  
• Engage in information security projects that evaluate existing security infrastructure and propose changes 
• Deliver projects on time, within budget and in accordance with service level agreements (SLAs)Research, validate, and deploy solutions meeting security and business needs
• Perform risk assessments and threat modeling
• Implement the OWASP Application Security Verification Standard (ASVS) seamlessly into the SDLC
• Lead creative, holistic security design thinking across various development and infrastructure projects
• Participate in sprint planning meetings and various decision-making sessions to ensure that security requirements and considerations are woven into the development practices
• Work with security team to facilitate secure design
• The opportunity to work on independent security projects that are of interest to you and will benefit the organization 
• Stay informed on security best practices within the industry; act as a subject matter expert for IT security

What You Will Bring

• At least 5 years working within Security or related discipline
• Knowledge and experience in secure cloud design
• Knowledge of security coding best practices and OWASP Top 10
• Knowledge of security compliance framework CMMC, NIST and ISO27001, HIPAA a plus
• Experience developing and documenting policy to meet compliance needs
• Naturally curious and enjoys researching and problem solving
• Strong collaboration skills
• Strong verbal and written communication skills Consulting background a plus
• Security clearance a plus
• CompTIA Security+ a plus
• Cloud Security Certifications a plus