Job Specifications
Job Purpose:
The Cybersecurity Sr Software Engineer helps build automated solutions around our security tools. This individual will help guide the team to contribute to these initiatives with high software quality in mind. They will also guide technical and security engineering discussions within the team, and will be seen as an authority on secure coding, secure infrastructure, and secure design best practices. They will help to imagine and shape the systems and process flows on incorporating security organically into the engineering teams' day to day workflows.
This engineer will work with AWS and other cloud technologies as well as a variety of commercial and open source security products and frameworks. While this is an individual contributor role, you'll be involved in many aspects - help evolve our existing architecture, reduce complexity, work with engineering teams to improve operations, and implement and operationalization new security tooling, as needed. Beyond automation of onboarding or usage of our application security tools, we strive for continuous improvement of processes and the integration of best practices. We're looking for someone who has an interest in application security, cloud technologies and a passion to help the organization create secure-by-default world-class software.
Key Responsibilities:
Reporting to the Security Engineering Director, serves as a member of the Security Engineering Enablement team
Works with partner engineering teams to create applications and services that align to the Security Engineering's mission and goals to integrate security seamlessly into our dev teams' workflow
Leverages technology (tools, capabilities, processes) to level up software engineering teams' secure coding practices and knowledge
Operationalizes off the shelf application security tools to help engineering teams build, deploy and deliver secure software
Provide situational white glove service to critical business engineering teams
Must be able to help engineering teams fix application security defects using a variety of technology stacks
Promotes incorporation of security processes and practices to make security an organic part of a declarative pipeline model (eg CICD practices)
Communicate process and tool automation improvements to the Product Owner, as opportunities and repeating concerns are observed
Helps define the team's tasks and objectives, based on continuing analysis of service requests
Creates automation solutions to support tool administration and operation
Consistently exhibits a positive attitude and desire to help the team to succeed
Design and build monitoring systems for developed automation applications and services
Participate in On-call rotation with the team (once every 3-4 weeks)
Consistently meets or exceeds predefined support and services Service Level Objectives (SLOs)
Executes tasks with minimal supervision
Collaborate with AI agents to build, test, and deploy software across the SDLC, by using proper contextual inputs to improve AI understanding and output quality.
Implement AI-powered features and pipelines in our software
Contribute to prompt engineering experimentation and share tool usage insights.
Define coding standards, review practices, and ethical guidelines for AI use.
Mentor peers and coach junior team members on AI-augmented development.
Essential Skills:
Bachelor's degree in a related discipline and 4 years' experience in a related field. The right candidate could also have a different combination, such as a master's degree and 2 years' experience; a Ph.D. and up to 1 year of experience; or 16 years' experience in a related field
Bachelor's Degree; preferably Computer Science major, Cybersecurity Software Engineering or equivalent experience
Proven and demonstrable experience building software applications with C# and python
Proven and demonstrable experience with Front End or JavaScript frameworks such as ReactJS
Experience designing and implementing automated solutions using Cloud native technologies
Strong cloud infrastructure experience in AWS
Solid understanding of DevOps - automated deployments and release orchestration
Solid understanding of containers and microservice architecture
An understanding of the latest cybersecurity best practices, and related security tools such as SAST, SCA, DAST
Excellent communication, interpersonal and teamwork skills
Strong analytical and problem-solving skills
Excellent attention to detail
Desirable Skills:
Masters in Computer Science, Cybersecurity or equivalent experience
Familiarity with Infrastructure as Code technology such as Terraform
An understanding of deployment methodologies like Blue/Green, Canary, etc.
Familiarity with various Cloud monitoring tools (Cloudwatch, New Relic, Splunk)
Familiarity with networking and network security
Experience with scalable networking technologies and architecture
Familiarity with standard IT security practices such as encryption, certificates, and key manageme
About the Company
Cox Automotive is a full service vehicle care and repair center. We offer under-car services, state inspections, full detailing services, restoration and performance services as well as fleet maintenance programs. Cox Automotive is involved in our community; we support "The Pittsburgh Project", "Eden Christian Academy", and "Young Life". INTEGRITY QUALITY COMMUNITY
Know more