Product Security Engineer - Las Vegas, United States - Veteran Benefits Guide

    Veteran Benefits Guide Las Vegas, United States

    1 month ago

    Full time
    Description
    Who we are: VBG (Veteran Benefits Guide) was founded by a former active-duty United States Marine with the goal of ensuring that Veterans receive the correct disability benefits in a timely manner. VBG has successfully guided over 35,000 Veterans by submitting their VA (Veteran Affairs) disability claims, resulting in increased compensation benefits for their disabilities that are related to active-duty service. As a company founded by a Veteran and staffed by many Veterans and families of Veterans, Veteran Benefits Guide is committed to advocating for policies that protect the rights and interests of former servicemembers.

    Summary: The Product Security Engineer will play a critical role in ensuring the security of our software applications, protecting sensitive data, and identifying and mitigating security vulnerabilities. This role requires a deep understanding of software security principles and a commitment to proactively safeguarding our systems.

    Basic Function/Responsibilities:
    • Conduct comprehensive code reviews to identify and rectify security vulnerabilities and coding flaws.
    • Collaborate with the development team to implement secure coding practices.
    • Analyze software designs and architectures to identify potential security threats and weaknesses.
    • Develop threat models to guide security measures and risk assessment.
    • Plan and execute security testing, including penetration testing, vulnerability assessments, and security assessments.
    • Work with cross-functional teams to resolve identified security issues.
    • Promote security best practices throughout the software development lifecycle.
    • Integrate baseline security configurations and controls into the development workflow.
    • Educate development teams on secure coding practices and security awareness.
    • Utilize and maintain relevant security tools and technologies, including but not limited to AppScan, Fortify, and Burp Suite, to identify vulnerabilities, assess risks, and implement appropriate security measures.
    • Configure and manage firewall settings to protect the network infrastructure.
    • Apply cloud security best practices for platforms like AWS, Azure, and GCP to secure cloud-based resources and services.
    • Conduct training sessions and workshops on security-related topics.
    • Develop and maintain an incident response plan for software security incidents.
    • Lead investigations and collaborate with incident response teams to address security breaches.
    • Ensure software applications comply with industry regulations and standards (e.g., HIPAA, OWASP, NIST, GDPR).
    • Assist in the development and enforcement of security policies and procedures.
    • Stay updated on emerging threats and trends in software security.
    • Continuously research and recommend new security tools and methodologies.

    Required Experience:
    • Proven experience in software security engineering or secure software development.
    • Excellent programming skills in JavaScript, PHP, Python, and others.
    • Proficiency in MongoDB, , React, and is strongly preferred.
    • Relevant certifications, such as Certified Secure Software Lifecycle Professional (CSSLP) or Certified Cloud Security Professional (CCSP), and AWS Cloud or Security Specialty are a plus.
    • Strong knowledge of common application security vulnerabilities and mitigation techniques.
    • Proficiency in security tools and practices, such as static and dynamic code analysis, fuzz testing, and threat modeling.
    • Strong problem-solving and communication skills.
    • Ability to collaborate effectively with cross-functional teams and communicate complex security concepts to non-technical stakeholders.

    Education: Bachelor's degree preferred (Engineering, Computer Science, Information Systems, etc.) or equivalent experience
    Position Type: This is a full-time position. Working hours are Monday through Friday, from 8:00 a.m. to 5:00 p.m., with in-office attendance required three times per week with the rest of the time being remote. More days in the office may be required as needed. Occasional after-hours coverage may be necessary.
    Travel: Offsite training or meeting travel is estimated to be less than 5%.

    About Veteran Benefits Guide:

    Veteran Benefits Guide was founded by former United States Marine Joshua Smith. Josh was employed by the Veteran Benefits Administration (VA) as a Rating Veteran Service Representative (Rater). While working in this capacity, Josh was thoroughly trained on the VA's Disability Compensation System. During his tenure at the VA, he discovered many inefficiencies in the way Veterans' disability ratings were evaluated. He witnessed firsthand how the VA's method of deciding Veterans' disability ratings was heavily flawed and designed a system to address those deficiencies. Recognizing the need to provide Veterans a better option for processing their VA disability claims, Josh set out to create a means to expedite them through the VA claim process while also obtaining the benefits Veterans deserve. Years later, VBG has successfully guided over 10,000 Veterans in submitting their VA disability claims, resulting in substantially increased compensation benefits for their disabilities which are related to active-duty service.