Sr Java Software Developer-Security

Company: Pearson
Location: Providence
Posted on: January 27, 2023

Job Description:

SummaryAs a Senior Software Security-Focused developer, you will be responsible for improving application security across the platform. Initially this position will focus on hands-on development work to resolve vulnerabilities. This will transition into an increasing focus on identifying, assessing, escalating, and coordinating fixes across teams. This is a new role for this platform; however, you will work with security experts on other platforms and teams. The ideal candidate is a proven software developer who thrives working independently and setting their own direction, while also effectively collaborating and educating others. Candidates for this role are not expected to be security experts but they must have a strong interest in and/or the ability to learn security.Senior Developer responsibilities include full lifecycle activities using industry best practices in an agile, results driven environment while working with a diverse group of high-performing, experienced teams. You will be expected to continually grow and challenge all of us to raise the bar even higher with your contributions to people, process, and technology. We are looking for another highly collaborative team member that has a passion for excellence and innovation and knows the importance of fun, self-care and flexibility while working on a variety of complex and challenging projects.Responsibilities+ Work closely with product and platform teams to implement changes to address security vulnerabilities. Maintain and support mission-critical applications, as necessary. Full-lifecycle activities include following Pearson VUE and industry standards for analysis, requirements, design, reviews, testing, deployment, automation, and support.+ Increasing willingness and ability to expand security knowledge (with focus on Application Security), and work across teams and platforms to proactively find and mitigate security vulnerabilities.+ Increasing ability and proactive focus on security related: communication, controls, best practices, industry knowledge, subject matter expertise across the platform, automation, reviews, documentation, training, mentoring, and process and procedures.+ Performs other duties as assigned.QualificationsRequired Education & Experience+ Bachelor's degree in Computer Science, MIS, or equivalent technology discipline+ 8+ years minimum industry Java development required+ 4+ years industry programmatic interaction with relational database systems+ The current technology stack for our department includes but is not limited to: Java, Angular/AngularJS, Spring, Web Services (REST/SOAP), Angular, JPA/Hibernate, Swing, RESTEasy, SQL Server, RabbitMQ, Azure, Apache CXF, and Spring Boot.+ Industry experience in OOAD, agile processes, design patterns, SQL and UMLDesired Knowledge, Skills & Abilities+ Application security experience in a global enterprise IT environment+ Proven ability to quickly learn new processes and tools, business domains and technical apps+ Must have strong time management skills - including ability to work well under pressure, plan, set priorities, adapt to change, and meet established timelines+ Must develop effective relationships with internal and external contacts and work well within and across teams+ Must assimilate information, distill knowledge, apply experience, and provide solution alternatives and recommendations+ Experience working in an agile environment+ Experience in understanding software architecture+ Experience in creating design/solution documents and test-driven development+ Desire to expand knowledge in many development languages, applications, and tools+ Ability to think technically and analytically+ Must be a self-starter and detail-oriented+ Must have a "positive" and energetic demeanor+ Effective written and verbal communication skills+ Creative problem-solving skillsIndustry experience with the following+ Experience with Java and web applications, single-page Angular applications, REST and SOAP APIs+ Technologies: Java SE AND EE, Angular/AngularJS (or other JavaScript frameworks such as jQuery), Spring Security, REST services, JPA/Hibernate, SQL, JBOSS OR TomcatExperience with the following (Preferred; otherwise, desire to learn)+ Well-rounded background in application security+ Experience driving a culture of security awareness+ Current understanding of industry security trends and emerging threats+ Strong preference for working experience with security tools, using static code analysis, dynamic code analysis, and 3rd party library assessment tools+ Experience implementing security controls in a global enterprise IT environment+ Familiar with OWASP Secure Coding Practices, Continuous Integration/Continuous Deployment (CI/CD) processes/concepts, REST API technology and methods, and common security vulnerabilities and fixes+ Knowledge and remediation experience of common OWASP security risks such as SQL injection, XSS, DDoS, CSRF, XEE+ Proven ability in security process and organizational design+ Swing, RESTEasy, SQL Server (Transact-SQL), RabbitMQ, Azure, Apache CXF, SpringBoot, Gradle build framework, Docker, Kubernetes, Splunk, NewRelicCompensation at Pearson is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. As required by the Colorado and New York City laws, the pay range for this position is as follows:Minimum full-time salary range is between $125,000 - $140,000.This position is not bonus eligible, and information on benefits offered is here.\#LI-POSTLearning is the most powerful force for change in the world. More than 20,000 Pearson employees deliver our products and services in nearly 200 countries, all working towards a common purpose - to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We are the world's leading learning company. Learn more at pearsonplc.com.Pearson believes that wherever learning flourishes, so do people. We are committed to being an anti-racist?company in everything we do. We value the power of an inclusive culture and a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm, and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity, and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to a sustainable environment and workplace where talent can learn, grow, and thrive. ?To learn more about Pearson's commitment to a diverse and inclusive workforce, please click here:? http://www.pearson.com/careers/diversity-and-inclusion.html?Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need.?All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.**Job:** TECHNOLOGY**Organization:** Assessment & Qualifications**Schedule:** FULL\_TIME**Req ID:** 8846\#location

Keywords: Pearson, Providence , Sr Java Software Developer-Security, Other , Providence, Rhode Island