Lead Software Engineer (Full Stack with Application Security) posted by DTCC
The IT SIFMU Delivery Department supports core Clearing and Settlement application delivery for DTC, NSCC and FICC. The department also develops and supports Asset Services, Wealth Management & Insurance Services and Master Reference Data applications.
DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.
Are you ready to explore a world of possibilities?
Join our DTCC family, and you'll grow your expertise and become the best version of you. As you embark on a new journey, you'll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life.
Why You'll Love This Job:
In this role you will be responsible for contributing towards fixing the software vulnerabilities evaluated by Pen and FOSS security testing tools. The role is expected to work closely with the Risk Management, End to End Testing and Release Management teams to resolve security vulnerabilities within the due date and strengthen the security posture of applications at DTCC. There is also significant opportunity for advancement and growth in this role, based on your performance and contribution towards the organization's goals.
- Review and remediate security findings from Pentest, FOSS and Fortify reports.
- Manage integration with vulnerability check tools such as Static Code Analysis and Dynamic Code Analysis tools.
- Identify and implement efficiencies and improvements to standard processes and procedures, such as automation through scripting, programming, etc.
- Understands corporate information security standards; ensures test plans validate security requirements.
- Follow best security practices while coding to prevent any security incidents.
- Willingness to play the Security Maven will be an added advantage.
- Is familiar with different software development methodologies (Waterfall, Agile, Scrum, Kanban).
- Mitigates risk by following established procedures, spotting key errors and demonstrating strong ethical behavior.
- Engages in activities to support the broader organization.
Talents Needed for Success:
- Minimum of 5 years of related experience.
- Bachelor's degree in Computer Science is required, Master's preferred, or equivalent experience.
- Strong knowledge of OWASP Top 10 vulnerabilities & Application Security.
- Strong understanding of Secure Coding and Best Practices.
- Strong coding experience in Java and related technologies: Java, J2EE, Spring (Boot, Core, MVC, JDBC, Security), Struts, JUnit, Hibernate.
- REST APIs, Swagger
- JEE application servers: Tomcat, WebSphere, JBoss.
- DevOps tools like Maven, Jenkins, Nexus and Fortify.
- Solid understanding of Agile, CI/CD, DevOps practices and tools.
- Hands-on experience with Fiddler and Burp Suite.
- Knowledge of host operating systems (Linux, Windows servers) and Portal applications would be an added advantage.
- Demonstrates strong analytical and interpersonal skills.
- Experienced in working with a geographically separated team.