Pearson Jobs

Job Information

Pearson Software Developer (Security-focused) in Bloomington, Minnesota

Software Developer (Security-focused)

Description

As the global leader in electronic testing, Pearson VUE ( www.pearsonvue.com at http://www.pearsonvue.com/ ) validates the skills and knowledge of millions of individuals every year. Our customers’ high-stakes certification, licensure, admissions and other credentialing exams help people advance in technology, government and professional careers, as well as attain educational growth. Pearson VUE offers proctored exams through the world's largest network of test centers in addition to testing in online and unproctored environments.

Pearson VUE is a business of Pearson, the world's leading learning company with global-reach and market-leading businesses. Pearson is listed on both the London and New York stock exchanges (UK: PSON; NYSE: PSO). For more information, visit www.pearson.com at http://www.pearson.com/ .

Bloomington, MN location required

As a security-focused developer, you will be responsible for improving application security across an entire platform. This includes identifying, assessing, escalating, and coordinating fixes across teams, plus a significant portion of hands-on work resolving vulnerabilities. This is a new role for this platform; however, you will work with security experts on other platforms and teams. The ideal candidate thrives working independently, setting their own direction, educating others, and collaborating very effectively. Candidates for this role are not expected to be security experts but they must have a solid baseline of security knowledge, strong development skills, and a willingness to rapidly and proactively expand their skills and knowledge.

Developer responsibilities include full life-cycle activities using industry best practices in an agile, results driven environment while working with a diverse group of high-performing, experienced teams. You will be expected to continually grow and challenge all of us to raise the bar even higher with your contributions to people, process and technology. We are looking for another highly collaborative team member that has a passion for excellence and innovation and knows the importance of fun, self-care and flexibility while working on a variety of complex and challenging projects.

The technology stack for our department includes but is not limited to: Java, Angular/AngularJS, Spring, REST services, JPA/Hibernate, Swing, RESTEasy, SQL Server, RabbitMQ, Azure, Apache CXF, and SpringBoot.

Responsibilities

  • Understand and apply industry-leading security controls and best practices with focus on Application Security. Communicate security risks and solutions to business partners and IT staff.

  • Work closely with product and platform teams to implement, upgrade and monitor security controls and measures, while offering coaching and support

  • Provide security subject matter expertise and help project teams comply with a variety of regulations and policies. Assess current security posture and future architecture, providing a viable solution path to bridge the gap that balances security risks and product advancement.

  • Secure DevOps/Secure SDLC, including: automate security controls, security reviews of software applications, process and procedure improvements to reduce risk

  • Create design, solution and vision documentation, lead design and code reviews of changes, implement changes following Pearson standards, work with other teams to test and deploy changes following Pearson processes, and create unit/automated tests where applicable.

Qualifications

Required Education & Experience

  • Bachelor's degree in Computer Science, MIS, or equivalent technology discipline

  • Familiar with OWASP Secure Coding Practices, Continuous Integration/Continuous Deployment (CI/CD) processes/concepts, REST API technology and methods, and common security vulnerabilities and fixes

  • Proven ability in security process and organizational design

  • Current understanding of industry security trends and emerging threats

  • 3 years minimum Java development required

  • 3 years programmatic interaction with relational database systems

  • Current technology stack: Java, JPA, Hibernate, Web Services (REST/SOAP), Angular

  • Experience in OOAD, agile processes, design patterns, SQL and UML

Desired Knowledge, Skills & Abilities

  • Well-rounded background in application security

  • Experience implementing security controls in a global enterprise IT environment

  • Experience driving a culture of security awareness

  • Experience working in agile environment

  • Experience in understanding software architecture

  • Experience in creating design/solution documents and test driven development

  • Desire to expand knowledge in many development languages, applications, and tools

  • Proven ability to quickly learn new processes and tools, business domains and technical apps

  • Ability to think technically and analytically

  • Must assimilate information, distill knowledge, apply experience and provide solution alternatives and recommendations

  • Must have strong time management skills - including ability to work well under pressure, plan, set priorities, adapt to change, and meet established timelines

  • Must develop effective relationships with internal and external contacts and work well within and across teams

  • Must be a self-starter and detail-oriented

  • Must have a “positive” and energetic demeanor

  • Effective written and verbal communication skills

  • Creative problem-solving skills

Experience with all of the following (2-3 years experience required)

  • Strong preference for working experience with security tools, using static code analysis, dynamic code analysis, and 3rd party library assessment tools

  • Knowledge and remediation experience of common OWASP security risks such as SQL injection, XSS, DDoS, CSRF, XEE

  • Experience with Java and web applications, single-page Angular applications, REST and SOAP APIs

  • Technologies: Java SE AND EE, Angular/AngularJS (or other Javascript frameworks such as jQuery), Spring Security, REST services, JPA/Hibernate, SQL, JBOSS OR Tomcat

Experience with some or all of the following tools (Preferred)

  • Swing, RESTEasy, SQL Server (Transact-SQL), RabbitMQ, Azure, Apache CXF, SpringBoot, Gradle build framework, Docker, Kubernetes, Splunk, NewRelic

#LI-POST

Primary Location: US-MN-Bloomington

Work Locations: US-MN-Bloomington-5601 Green Valley 5601 Green Valley Drive Suite 220 Bloomington 55437

Job: Technology

Organization: Assessments VUE

Employee Status: Regular Employee

Job Type: Standard

Shift: Day Job

Job Posting: Sep 1, 2020

Job Unposting: Ongoing

Schedule: Full-time Regular

Req ID: 2008276

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

DirectEmployers