Senior Software Engineer - Data Loss Prevention
Job Description:
Note: Fidelity will not provide immigration sponsorship for this position
The Role
Seeking a hardworking, curious person who thrives in an exciting, fast-paced team. This team engages in high-profile security projects to improve Fidelity’s security posture and prevent data leakage. The candidate will be immersed in a setting that spans various operating systems, addressing a constantly evolving threat landscape, working with numerous security teams.
The Expertise You Have and The Skills You Bring
The ideal candidate should have either a Bachelor's degree with five years of experience, or a Master's degree with three years of experience in Computer Science, Engineering, Information Technology, or a related field, having crafted, developed, tested, and implemented front-end and back-end applications in a multi-OS environment and using secure software lifecycle principles. Your background should have a significant focus on Data, Cyber, and Cloud security, with experience in defining and implementing data security strategies & controls to protect critical information. We are looking for a curious mind with strong analytical skills to identify risks and problem solve, who is a quick learner and can easily adapt to new tools and technology.
Knowledge of cybersecurity threats and incident response, preferably also with a foundation in insider threat and data loss prevention
Confirmed ability to develop scalable back-end solutions using Python frameworks including Django, Flask, or FastAPI. Crafting responsive user interfaces (UI) with front-end technologies like Angular, JavaScript, and PHP. Performing data automation and analysis with MySQL, Postgres, and NoSQL databases such as DynamoDB. Adheres to secure coding practices.
Experience setting up cloud infrastructure within Amazon Web Services (AWS) or Azure to automate processes, working in multi-cloud environments; developing and deploying applications using AWS (Lambda, KMS, API Gateway, and SQS) and Azure services (Virtual Machines, Blob Storage, and App services), implementing Infrastructure as Code (IaC) using ARM templates, Terraform, and CloudFormation; and maintaining network services (firewalls, VPNs, Domain Name System (DNS) or load balancing) using cybersecurity tools (AWS Shield, Azure Security Center, or WAF)
Experience building CI/CD pipelines using Jenkins, uDeploy, JFrog Artifactory, or GitHub Actions; scripting with Shell, Groovy, or PowerShell; evaluating code quality using SonarQube tools, Azure Monitor, CloudWatch and Datadog; performing testing in Python, and implementing container platforms using Docker and Kubernetes and integrating security testing in CI/CD pipelines using GitHub secret scanning, OWASP principles, compliance checks, and vulnerability scanning, as well as using secure web gateways and proxy solutions
Some experience performing in the full Secure Software Development Lifecycle (SSDLC) translating business requirements into technical specifications, following an architecture design, and testing and providing technical support to ensure the project delivery meets client expectations
The Team
The Cybersecurity Analyst will be working on a team of systems and software engineers focusing on insider risks and Data Loss Prevention (DLP). This role will involve working closely with Data Analytics, Insider Operations and Security Operations Center (SOC) teams to help mitigate risk across Fidelity’s computing environment.
Certifications:
Category:
Information TechnologyMost roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles.
Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.