Full Time

Software Engineer – Software Development Jobs

Posted 11 months ago
Alabama
$42 - $65 per hour

Job Description

Job Type: Security Software Engineer from home
Location: Alabama work from home
Company: Paylocity

The DevSecOps Engineer role at Paylocity involves understanding and guiding internal teams on best practices in software security and architecture for Paylocity’s Information Systems. Responsibilities include the development and maintenance of internal application security tools, as well as conducting threat modeling, static analysis, and dynamic analysis of web and mobile applications.

Responsibilities:

Key responsibilities of the position include:

  • Developing, implementing, and maintaining automated security testing tools and processes to identify vulnerabilities.
  • Collaborating with software developers to integrate security throughout the software development lifecycle.
  • Integrating security tools and practices into CI/CD pipelines to ensure secure code releases.
  • Proactively identifying and addressing classes of security vulnerabilities.
  • Providing expert guidance and recommendations on strategic and tactical security architecture topics.
  • Supporting offensive security professionals by suggesting remediation strategies for reported vulnerabilities.
  • Assisting developers in remediating vulnerabilities through line-by-line guidance.
  • Conducting training sessions for development teams on software security best practices and coding standards.

Requirements:

Education and Experience:

  • Bachelor’s Degree in InfoSec, Computer Science, or a related discipline.
  • 3-5 years of experience in full-stack web development, DevSecOps, Security Engineering, or a similar role.
  • Proficiency in scripting languages like Python, Ruby, or Bash.
  • Familiarity with CI/CD tools such as TeamCity, CircleCI, GitLab, or Jenkins.
  • Hands-on experience with SAST, DAST, SCA, and API security tools.
  • Strong knowledge of cloud environments like AWS, Azure, and GCP and their security specifics.
  • Experience in developing and working with Web APIs.
  • Strong knowledge of Security Token Services, Federated Identity Providers, SAML 2.0, claims-based security, and other SSO technologies.
  • Experience in remediating security vulnerabilities beyond OWASP Top 10.

Nice-to-Have Skills:

  • Experience in .NET development is a plus.
  • Familiarity with NoSQL/MongoDB.
  • Functional knowledge of container-based application infrastructure with Docker.
  • Experience working with Payroll, HR, Time & Labor Management, and Online Benefits Enrollment applications.
  • Experience in writing Burp plugins, using open-source security tools, presenting at security conferences, writing technical research papers, or publishing CVEs.

Join Paylocity’s team as a DevSecOps Engineer and contribute to enhancing software security practices. The company values diversity and encourages candidates from various backgrounds to apply.