LogRhythm, a Thoma Bravo company, empowers more than 4,000 customers across the globe to measurably mature their security operations program. LogRhythm’s award-winning NextGen SIEM Platform makes the world safer by protecting organizations, employees, and customers from the latest cyberthreats. It does this by providing a comprehensive platform with the latest security functionality, including security analytics; network detection and response (NDR); user and entity behavior analytics (UEBA); and security orchestration, automation, and response (SOAR). Learn how LogRhythm empowers companies to be security first at logrhythm.com.
Who we are looking for
LogRhythm is seeking a qualified Senior Software Engineer I with the requisite experience and passion for designing, implementing and delivering secure and compliant products to support our customers need for advanced cyber threat detection and mitigation. As a Senior Software Engineer I focusing on security across the software development lifecycle and the software supply chain, you will work with a team of talented software engineers to design and develop product features and to help insure that LogRhythm’s products are designed and implemented with best-in-class security and that they support various compliance regimes. You will work closely with our development, cloud engineering, SRE, and security teams. You will provide technical leadership and work in an agile organization which uses SAFe (Scaled Agile FW).
Here’s an overview of the responsibilities & challenges ahead
- Lead the design, development, and implementation of SaaS microservices and associated architecture
- Ensure designs meet technical, functional, security, and compliance requirements
- Work closely with a Product Owner and Development Manager to plan out work
- Mentor other team members in growing their skills/careers
- Help steer and evangelize solutions, best practices and new ideas across multiple teams in the organization
- Conduct tech talks or other brown bags across the organization
- Participate and provide input into hiring and candidate selection
- Collaborate with Architects to improve designs, architecture, security, and compliance of our products
- Participate in code reviews across multiple teams, with a special emphasis on security and compliance
- Perform software security testing including various static and dynamic security scans
- Review designs, code, infrastructure, and the software supply chain for security and compliance-related defects, design and implement security-focused features, and suggest changes to existing products to improve security and compliance
- Remediate security and compliance-related defects and weaknesses
- Participate in Secure Software Development Lifecycle design, maintenance, and governance
- Research and train in all aspects of a secure software development lifecycle, from requirements to design to implementation.
- A bachelor’s degree in Computer Science or similarly relevant engineering or computational discipline experience
- 10+ years of experience developing back-end services in Java
- Expertise in microservice design and implementation including API design
- Experience with standard development and CI/CD tooling (e.g. Git, Jenkins, etc.)
- Experience developing in a cloud environment (e.g. AWS, GCP, Azure)
- Direct experience reviewing code for security issues and reviewing and triaging static and dynamic security scan results
- Direct experience remediating server-side design and code security defects and weaknesses
- Additional experience remediating client-side design and code security defects preferred
- Solid knowledge of Linux and a desire to understand OS security hardening and best practices
- Knowledge of authentication and authorization techniques, including MFA and SSO
- Experience working with compliance regimes such as SOC 2, HIPAA, GDPR, CCPA, etc.
- Ability to create and consider multiple approaches and distill into one recommended well thought out technical strategy including logic/reasoning.
- True team player who can work effectively with teams across the entire organization
- Excellent written and verbal communication skills
- Full stack development experience preferred
Salary and Other Compensation:
- The annual starting salary for this position is between $140,000 - $150,000 depending on experience and other qualifications of the successful candidate.
LogRhythm offers the following benefits for this position, subject to applicable eligibility requirements;
- 401k plan
- Flexible time off
- Employee assistance program
- Created:/ Revised Date: - 9th February 2021
- Reporting to: - Enterprise Software Architect
- Location: - Boulder, Colorado or the Denver Technical Center (will consider US remote working)
- Employment Status: - Full Time
- FLSA/ Applicable State Law Status- Except
Workplace equality & inclusion are not just words or topics for LogRhythm, they are part of our core values, beliefs, and integral to our company culture. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors. LogRhythm was built on the principals of innovation, dedication, creativity, and commitment. It is through these key areas we were able to grow as an equal and inclusive workplace, one where our employees feel respected and safe in.
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. The company reserves the right to modify this information at any time, subject to applicable law.