Principal Security Software Engineer [2022-006]


Description: Ensures the architecture and design of cloud-hosted infrastructure and information systems are functional and secure. Evaluates and recommends technology solutions related to AWS and specific to Earthdata Cloud. Provides guidance and, where needed, integration of security tooling with ESDIS development processes. Develops and documents security architecture, implements DevSecOps (Code Security) best practices and System Development Life Cycle (SDLC) road-mapping, and performs Security Impact Analysis (SIA) for the ESDIS cloud environment.

Required Skills:

• Understanding of how security impacts the development pipeline, with technical proficiency in and familiarity with DevSecOps SAFe/Agile culture

• Understanding of Risk Management Frameworks (e.g., NIST rev 4/5)

• Well versed in practical application of risk management techniques

• Strong interpersonal, collaborative and organizational skills

• Ability to discern the protection needs of information systems and networks and to evaluate security designs

• Experience with COTS or open-source tools

• Demonstrated ability to document and advise on cyber policy, principles, processes, architectures and control

• Implementation of risk assessment techniques, control remediation and security best practices

• Knowledge of AWS DevSecOps, Cloud Computing, Identity and Access Management, Infrastructure as Code, Patch Management, Secure Monitoring, and Compliance

• 8+ years of experience (2+ years with AWS operations and services); understanding of infrastructure automation; familiarity with software development practices such as Agile/SAFe and CI/CD

• Relevant professional designation or related advanced IT certification, including but not limited to the following: CISSP, CCSP, CSSLP, SSCP, AWS Certified Security Specialty

Desired Experience:

• Experience with industry-standard collaborative tools, SIEM content analysis, SAST tools, and development and testing practices

• Prior experience working in any of the following: Security Operations Center (SOC), Network Operations Center (NOC) or Computer Incident Response Team (CIRT)

• Current experience with cloud security policy implementation and management of audits

• Experience in the response, mitigation, and/or reporting of cyber threats

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering or a related STEM discipline

10+ years


NAC Background Check


In compliance with Colorado’s Equal Pay for Equal Work Act, the salary range for this role is $125,000 - $150,000. Please note, salary is based on education, experience, and responsibilities.

U.S. Citizenship Required. An Equal Employment Opportunity employer. Please visit the Equal Employment Opportunity link below for further information.
Equal Employment Opportunity Information