Contract: Ruby & Ruby on Rails Security Software Engineer
Company: Upwork
Location: San Francisco
Posted on: August 7, 2022
Job Description:
Upwork ($UPWK) is the world's work marketplace. We serve
everyone from one-person startups to over 30% of the Fortune 100
with a powerful, trust-driven platform that enables companies and
talent to work together in new ways that unlock their
potential.Last year, more than $3.3 billion of work was done
through Upwork by skilled professionals who are gaining more
control by finding work they are passionate about and innovating
their careers.This is an engagement through Upwork's Hybrid
Workforce Solutions (HWS) Team. Our Hybrid Workforce Solutions Team
is a global group of professionals that support Upwork's business.
Our HWS team members are located all over the world.Work/Project
Scope
- Design and develop Upwork Application Security Health Platform
to monitor for and encourage security and engineering best-practice
across the organization.
- Create an analytics and reporting system with input tools such
as Sonarqube, Veracode, Qualys, and Bitbucket to track security
gaps, and report on overall application security scores using
intuitive dashboards.
- Review and define requirements for information security
solutions around applications security, QA Security Testing,
Penetration Testing, and software vulnerability management
programs.
- Integrate static, dynamic and software composition application
security scanning and analysis into CI/CD pipeline (learning
opportunity and as time allows)
- Partner with QA to identify security testing requirements and
opportunities to improve security testing use cases and coverage
(learning opportunity and as time allows)
- Evaluate and recommend solutions for applications security
(learning opportunity and as time allows)Must Haves (Required
Skills)
- Design, build, and maintain efficient, reusable, and reliable
Ruby code
- Experience working with Information Security team, creating
solutions for application and/or infrastructure security reporting
and assessments
- Experience working with QA Teams building and automating
security testing is a plus
- Experience working with information security teams supporting
cybersecurity organizational goals and secure delivery of products
is a plus
- Experience working with industry-leading application security
scanners and analysis tools. Experience with Sonarqube, Veracode,
Netsparker, Snyk or similar tools is preferred
- Experience working with ticketing and tracking tools such as
JiraUpwork is proudly committed to fostering a diverse and
inclusive workforce. We never discriminate based on race, religion,
color, national origin, gender (including pregnancy, childbirth, or
related medical condition), sexual orientation, gender identity,
gender expression, age, status as a protected veteran, status as an
individual with a disability, or other applicable legally protected
characteristics.
Keywords: Upwork, San Francisco , Contract: Ruby & Ruby on Rails Security Software Engineer, IT / Software / Systems , San Francisco, California
Didn't find what you're looking for? Search again!
Loading more jobs...