Job Description

Job Description

Job Description

Software Security Engineer IV

US-VA-Arlington

Job ID: 2025-2454
Type: Regular Full-Time
# of Openings: 1
Category: Security, Network and Risk
Arlington

Overview

It's a great time to join us at Airlines Reporting Corporation (ARC)! ARC accelerates the growth of global air travel by delivering forward-looking travel data, flexible distribution services and other innovative industry solutions. We are a leading travel intelligence company with the world’s largest, most comprehensive global airline ticket dataset, including more than 15 billion passenger flights. By working here, you can contribute to solutions and expertise that strengthen economies and enrich lives. We think big, embrace challenges and explore new ideas to lead the way for the travel industry.

ARC is looking for a Software Security Engineer IV to join our team! In this role, you will establish innovative programs to ensure secure software is created to support the development of products used by customers including airlines and travel agencies. You'll educate product teams in collaboration with Site Reliability Engineers and Solution Architects, and continue to advance the security function by leveraging best practices. You will be expected to influence engineers and architects across product teams to help design and develop solutions satisfying security requirements. You will interact with peers in Business Technology to improve and communicate the security vision and evolve our methodology.

Responsibilities

1. Maintain a roadmap for the Software Security Engineering program and lead efforts to mature and evolve it over time. Evolve programs over time to achieve desired results and mitigate risk, including providing meaningful insights on how security controls can be enhanced which will be shared with ARC leadership and auditors to show ongoing due diligence.
2. Influence workstreams regarding secure coding practices, process automation, key rotation, cryptography, access controls, and auditability.
3. Evangelize security best practices to the development organization.
4. Influence engineers and architects across the organization to assist in the creation of patterns, templates, and standards.
5. Ensure the threat pattern library is up to date and mitigating risk effectively.
6. Provide others with the latest information regarding security testing tools, trends, and secure coding practices through continual learning, maintaining certifications, and being plugged in to threat intelligence communities.
7. Recommend improvements to the overall security posture of the organization through technical and administrative controls.

Qualifications

• Bachelor’s Degree in Computer Science or related field preferred, equivalent work experience considered; Master’s Degree preferred.
• 7+ years development experience working with languages such as JavaScript, Python, Java.
• 5+ years working in an Agile, DevOps, CI/CD environment.
• 3+ years working with static and dynamic analysis testing tools.
• 3+ years working in a security or risk capacity.
• Cloud Based Solutions/Technologies (AWS, Google, Azure). AWS developer environment including, but not limited to, Lambda, API Gateway, DynamoDB, S3, CloudWatch.
• Implementation of modern application and infrastructure design patterns, including micro-services and containers, disposable, reactive, stateless and distributed patterns.
• Open source technologies including, but not limited to, NodeJS, OpenJDK, React, and NoSql DynamoDB database(s).
• DevOps tools including Terraform/Cloud formation, GitLab pipeline, Jira, automated test and deployment tools.
• Ability to lead projects and/or implement complex systems without management or teammate assistance.

PM21

Compensation details: 123800-204300 Yearly Salary

PI992310d47fb7-25405-38639728

Job Tags

Full time, Work experience placement, Flexible hours,

Similar Jobs