Software Engineer III - Application Security

OpenGov is home to an exceptional team - passionate about our mission to power more effective and accountable government. By bringing the OpenGov Cloud to our nation's state and local government, we’re transforming communities so they can thrive!

Imagine yourself being able to help small business owners open their doors faster, ensuring our tax dollars are accounted for, creating safer infrastructure, modernizing the permitting process, and assisting with disaster recovery. The work you do here every day has a meaningful impact on people's lives!

🌟 OpenGov is a 2023 Top Workplaces USA award winner and a Forbes America's Best Startup Employer 🌟

Join our smart, fun, and humble team to experience the most rewarding career of your life!

Job Summary:

As a Security Software Engineer III at OpenGov, you will work closely with product and engineering teams to build secure systems for agile security. We are looking for someone that is passionate to enable engineering teams to address product and enterprise risk while maintaining business velocity and scaling for growth.This role requires someone that is self-motivated and disciplined to drive collaboration and impact through security strategy, threat modeling, developing tools for security-at-scale and execution. You'll be helping to build best-in-class SaaS solutions that enable efficiency, transparency, and accountability within government agencies. You'll be a key member of our Global Security team, leading complex projects in a fast-paced, agile environment driving towards a Secure-by-Default future.

A typical day in this role would provide multiple opportunities to lead and design well scoped security services, implement and optimize complex security applications for speed and scalability, and resolve various unique technical challenges. The role provides you the ability to become subject matter expert in one or more security technical areas. Strong collaboration skills with the product, UX, and platform engineers, ability to navigate ambiguity and execute quickly will enable your success.

Responsibilities:

• Independently design, implement and develop high-quality tools that are scalable, secure, and maintainable.
• Strong communication skills in writing and verbal to articulate security initiatives to any audience in the organization.
• Collaborate with cross-functional teams for threat-modeling, providing security guidance for engineers to make the right decisions at every phase of the SSDLC.
• Automate secure cloud operations, and automate SAST, DAST, and SCA tooling in SecDevOps engineering pipelines.
• Troubleshoot, debug, and resolve complex technical issues.
• Drive continuous improvement of secure development processes, tools and operational excellence
• Validate, manage, and provide remediation guidance on vulnerability management.
• Mentor and guide junior security software engineers, fostering a culture of continuous learning and improvement.
• Stay current with emerging security and industry trends, advocating for their adoption where appropriate.
• Contribute to OpenGov’s Engineering culture of innovation, leading-edge technology adoption and quality

Requirements and Preferred Experience:

• BA/BS in a computer-science-related discipline or equivalent experience required
• 3+ years of professional experience in software engineering, or application security.
• Security architecture, secure code review, API security, threat modeling, zero-trust, and secure-by-default practices.
• Experience with identity and access management best practices such as TTL, JIT, and least-privilege access.
• Experience in Java, Python, or C++ or C# or equivalent program language.
• Experience with GraphQL.
• Experience with AWS cloud security, container technology, and CI/CD systems.
• Experience with some SAST, DAST, or SCA tooling.
• Experience in building software using event-driven architecture is highly desirable
• Strong understanding of secure software development life cycle (SSDLC) methodologies