Senior Software Process Engineer Job Summary

Apply Now

Job: 34226-DCOL Location: US-MA-Natick Department: Software Process Engineering

Will be responsible for planning, implementing and monitoring security measures for the protection of MathWorks’ sophisticated software; improving and evangelizing MathWorks security practices, processes and tools, with a focus on: development security, Secure SDLC, security testing, secure coding standards, threat modeling, phishing, and SOC2 compliance; providing internal consulting and coaching support, evangelizing new security tools and best practices, and creating and delivering learning resources; identifying and monitoring issues that impact organizational goals related to security; developing clear and well-scoped problem statements, and initiating and driving related security projects to completion; creating new processes, resources and reference content facilitating organizational adoption of security tools and standards through thoughtful change management strategies; supporting the Development organization's growth and learning around MathWorks standard security processes; evaluating impact with Kirkpatrick Level 1-4 evaluations; and reviewing, cataloging and promoting user-created security and resources. Position reports to Natick, Massachusetts headquarters and may work remotely from a home office anywhere in the United States.

Responsibilities

  

Minimum Qualifications A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required. Additional Qualifications

Minimum Qualifications:

Education and Experience:

 Master’s degree in Engineering, Computer Science, Cybersecurity, or a closely related field (or foreign education equivalent) and two (2) years of experience as a Senior Software Process Engineer (or related occupation) testing or analyzing and evaluating security of software applications.

OR

Ph.D. degree in Engineering, Computer Science, Cybersecurity, or a closely related field (or foreign education equivalent) and no experience.

 

OR

 

Bachelor’s degree in Engineering, Computer Science, Cybersecurity, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Senior Software Process Engineer (or related occupation) testing or analyzing and evaluating security of software applications.

 

Special Requirements:

Demonstrated expertise identifying and exploiting security vulnerabilities using security testing tools using Metasploit, Burpsuite, Immunity Debugger, or IDA Pro. Demonstrated expertise performing threat analysis using threat modeling methodologies -- STRIDE or DREAD-- and modeling tools -- Microsoft Threat Modeling tool, OWASP Threat Dragon, or Threat Modeler. Demonstrated expertise analyzing security issues, providing comprehensive reports on potential vulnerabilities, and effectively communicating these findings to mitigate and prevent future risks. Demonstrated expertise creating and improving processes to support the Software Development Life Cycle (SDLC) according to scrum-based Agile methodologies.

[Expertise may be gained during Graduate program.]