Do you want to help eliminate barriers between ideas and business outcomes? We want you to bring your unique experiences and creative ideas to the table. CA Technologies provides software and solutions that help our customers to develop, manage, and secure complex IT environments to increase productivity and enhance competitiveness in their businesses. It’s our aim to encourage global collaboration and results-oriented innovation, while supporting and developing our talented people and our communities. CA Technologies will empower you to drive authentic success, for both the business and yourself in the application economy.

CA Veracode is seeking a highly-motivated, detail-oriented individual to join our Information Security team. As a leader in the Application Security community, our customers rely on us to deliver a world-class platform in a highly secure fashion. In this role, you will have the opportunity to help make our infrastructure, products, and customers more secure.

The role of Principle Information Security Engineer will include the following responsibilities:

• Continuously monitor and improve the security posture of the company
• Provide defensive recommendations on new threats to global systems, applications, and technologies
• Drive adoption of security tools and best practices specifically within cloud infrastructure
• Participate and lead response to security incidents as a member of the Incident Response Team
• Collaborate with other teams inside of Veracode to deploy new security-related tools and processes across the organization

Required Experience:

• BS or MS in Computer Science, Engineering, or Information Security
• Minimum of 5 years of experience in information security or a mixture of related technical fields
• Strong background in Information Security concepts
• Familiarity with FedRAMP and/or other regulations/frameworks (ex: PCI, PII, ISO 27001, NIST)
• Experience with LAN/WAN networking and security infrastructure (Firewalls, IDS/IPS, and VPNs). System hardening and incident response
• Capable of performing incident response activities with tools such as Splunk, Fidelis, FireEye
• Managed or lead vulnerability management processes with tools such as Nexpose, Nessus, or Qualys
  
   

Desired Qualifications:

• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within IaaS, PaaS, SaaS, and other cloud environments
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms
• Exposure to Public Key Infrastructure (PKI) management including AWS KMS, Hashicorp Vault, and Gemalto SafeNet KMS
• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
• Experience with deployment orchestration, automation, and security configuration management
• Recognized security certifications are highly desirable (CISSP, CISA, GIAC, CEH and others)

vcode

More About Working at CA:

CA has earned scores of Workplace Excellence awards in the last few years – and there’s a reason for that. Here you’ll have the opportunity to eliminate barriers for our customers and earn a competitive compensation and total rewards package – all while pushing the boundaries of what’s possible by collaborating with a diverse team of global innovators. In short, CA’s fun, diverse, and fast-paced culture has put us on the map as one of the best employers in Information Technology.

We offer competitive salary, company-sponsored premium Medical/Prescription & Dental Plans, company-paid Holidays, Vacation, Anniversary Service and Sick Days, 401(k) Plan, Education/Training Reimbursement, Charitable Gift Program, Adoption Assistance Program.