Requirements - Corp/Field Mgmt
Software Security Engineer
JCPenney Company, Inc.
The Software Security Engineer will establish, perpetuate, and champion secure software best practices across the whole of JCPenney. Reporting to the Senior Manager of Infrastructure & Operations the Software Security Engineer will collaborate with JCPenney’s engineering teams to ensure JCPenney’s software is securely developed and deployed.
Establish JCPenney’s center of excellence for secure software development
Closely partner with JCPenney’s engineering teams to ensure secure software development and deployment
Provide production quality code and examples where necessary
Create a risk assessment and scoring process for developed and deployed software
Ensure engineering teams utilize relevant tools to automate and streamline secure software development
Develop policies for secure development to deploy across JCPenney
Continually educate JCPenney’s engineering teams on the latest software vulnerabilities, exploits, and secure patches
Participate in vendor evaluation and selection processes to ensure JCPenney utilizes partners with robust security practices
Recruit, develop and retain exceptional talent for the Software Security Team as appropriate
Core Competencies & Accomplishments:
Deep understanding of secure software development and deployment best practices in a distributed enterprise environment
Strong software development fundamentals with the ability to write production quality code
Exceptional knowledge of web, mobile, tablet, and desktop application security best practices
Prior success in senior security and risk assessment roles
Expertise in security automation and auditing tools e.g. Fortify, Klocwork, etc.
Network of relevant software security talent
Bachelor’s degree in computer science or related technical field
CISSP Certification required, PCI compliance expertise preferred
JCPenney is transforming itself to become America’s favorite store. Please send your resume and contact information to firstname.lastname@example.org for further review.