Senior Cybersecurity Software Engineer

2106100

Job Description

This is a Senior Engineering role in the new Application Security Platform Squad (part of the Application and Infrastructure Security Product Area) within the Enterprise Cybersecurity Business Unit. This is a new squad, building a new platform, offering the successful candidate the opportunity to build the squad and platform from the ground up.

Verizon's 2024 Data Breach Investigation Report (containing 10,000+ confirmed data breaches) states that ~70% of breaches involved exploitation of a web application. Fidelity has hundreds of web applications on the Internet that make hundreds of releases a month to production. These applications are the main point of interaction that our 40M+ customers have with Fidelity. It is crucial to Fidelity's reputation, and our customers’ livelihoods, that these applications are secure.

The focus of the Application Security Platform squad will be to improve the security and vulnerability scanning coverage, and experience, for Fidelity’s developer community, driving a “security first” culture across the enterprise. For instance, this will involve creating a centralized scanning service to integrate policy management and security profiling into the developer workflow.

The Expertise You Have

• 5+ years of demonstrated experience in designing and developing enterprise-standard applications using one or more major programming languages (e.g. Java/Python/Go), frameworks (Spring, Apache Commons, Angular) and pipeline/build tools (e.g. Maven, Git, Jenkins, AWS CFT/CDK)
• Experience building scalable applications on Kubernetes, or similar platforms
• AWS certification preferred and have working experience with cloud environments.
• Any application security experience, including Pen Testing, Static Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Web Application Firewalls (WAF) would be considered a plus.
• Experience with unit and functional testing with tools such as JUnit, PyUnit, Mockito, Cucumber, Karate, Cypress or similar
• Hands on experience with automation & pipeline implementation (Testing, Continuous Integration / Continuous Delivery pipeline).
  
  
  

The Skills You Bring

• You possess strong engineering skills and have experience deploying maintainable, scalable multi-tiered applications.
• You are capable of designing and developing tools/applications using some of the following technologies: Java; Popular opensource frameworks/libraries (e.g. Spring, SpringBoot, Apache Commons, etc.); SOA and API frameworks such as SOAP and REST; Pipeline/Build tools including GIT, Maven, Jenkins, and AWS CFT/CDK; Front end languages/frameworks including JavaScript/Typescript, jQuery, Angular, NodeJS, Springboard or React a plus.
• You have experience with test automation, including solid understanding of test tools.
• You have experience working in an agile environment (Scrum).
• Ability to communicate optimally to positively influence peers, business unit and technology decision makers.
• Strong analytical skills and ability to tackle issues and work through ambiguous situations by making timely decisions based on facts, knowledge, experience, and judgement.
• You have a passion for continual learning and are always ready to guide, support and/or mentor other members of your team!
  
  
  

The Value You Deliver

• Design, develop, test, deploy and maintain SAST, SCA and secret scanning tools into the CI/CD pipeline and developer workflow tools.
• Continued focus on engineering excellence, including improving automation, test coverage, release velocity and production health.
• You are a creator and a doer who will help us tackle real-life problems and meet real consumer needs.
• You have strong communication skills and technical expertise to drive and participate in meaningful discussions. You are a collaborative team-player in an autonomous team, owning all aspects of delivery (coding, quality, DevSecOps). You build relationships with key business partners and quickly establish trust to ensure effective delivery.
• You clearly detail requirements, and system designs in a way that can be understood by both technical and non-technical individuals.
  
  
  

For more like this search #Cyber

Company Overview

At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences.Fidelity established an Ireland presence in 1996 and we currently employ 1,700 staff across IT and shared services, with offices in Dublin (City West) and Galway (Parkmore East). For information about working at Fidelity, visit FidelityInvestments.ie.

Fidelity Investments is an equal opportunity employer.

We believe that the most effective way to attract, develop and retain a diverse workforce is to build an enduring culture of inclusion and belonging.

Fidelity will reasonably accommodate applicants with disabilities who need adjustments to participate in the application or interview process. To initiate a request for an accommodation, contact [email protected].