Overview:

As Staff Software Security Engineer you will shape the security features of product and provide security expertise to the engineering organization. This role will interface with all levels of engineering to ensure security best practices across system and code design and implementation.

Primary Responsibilities:

· Advocate for security throughout the SDLC with emphasis on threat modeling and software design review

· Provide security subject matter expertise and drive best practices, standards, and policies across areas such as identity and access management, cryptography, web security, cloud security, and more

· Participate in investigation and remediation of vulnerabilities affecting software products

· Partner with stakeholders across the product engineering organization including Software Architecture, Product Management, Engineering, and DevOps

· Participate in the design of security related features for SaaS and desktop products

Requirements:

· Minimum 12 plus years of proven experience and demonstrable recurring success delivering software through the SDLC (cumulative over a security and dedicated software development career)

· Demonstrated project experience with delivering software through out the SDLC

· Understanding of how to diagnose software build and scan results, such as CI/CD, SAST, DAST, SCA, and Container scans

· Able to discuss and provide clear technical guidance on cryptographic concepts like cryptography, hashing, encoding, key management, etc

· Strong knowledge of software vulnerabilities, mitigations , threat modeling, risk assessment, and vulnerability management

· Must have strong leadership qualities and provide clear technical communication and guidance. As a security leader you will collaborate with stakeholders across the organization, including software engineering teams and product owners, to provide optimal solutions to difficult problems

· Understand how regulations can impact security roadmaps, and argue their importance to the business

· Bachelor's degree and/or equivalent experience in computer science, information technology, or related field

Desirable:

· Previous work experience in at least one systems programming language such as C++, C#, or Java.

· Strong experience with SaaS applications and Cloud technology such as GCP, AWS, Docker/Containers, Kubernetes, and microservice architectures

· Experience developing or maintaining CI/CD and scanning systems (e.g. can implement and maintain a system that helps find vulnerabilities)

· Demonstrable practical experience implementing or maintaining cryptographic systems/libraries

· Strong knowledge of Design patterns and Frameworks

Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we're invested in building teams with a wide variety of backgrounds, identities, and experiences.