Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Pearson Education

Software Developer (Security-Focused, Java) (2104383)

Law Enforcement and Security

Diplomatic Security

Yearly

No

Minneapolis, Minnesota, United States

Software Developer (Security-Focused, Java) - ( 2104383 )

Description

We are the world’s learning company with more than 21,000 employees operating in 70 countries. We combine world-class educational content and assessment, powered by services and technology, to enable more effective teaching and personalized learning at scale. We believe that wherever learning flourishes, so do people.

Pearson VUE is a business of Pearson, the world's leading learning company with global-reach and market-leading businesses. Pearson is listed on both the London and New York stock exchanges (UK: PSON; NYSE: PSO).

Who is Pearson VUE?

Each year millions of people around the world take an exam with Pearson VUE. Chances are you, or someone you know, has recently tested with us. Your neighbor the computer programmer, your dad’s nurse, your child’s teacher or your local real estate agent. All demonstrate their knowledge, skill and commitment when they test with Pearson VUE.

Bloomington, MN location required

As a security-focused developer, you will be responsible for improving application security across the platform. Initially this position will focus on hands-on development work to resolve vulnerabilities. This will transition into an increasing focus on identifying, assessing, escalating, and coordinating fixes across teams. This is a new role for this platform; however, you will work with security experts on other platforms and teams. The ideal candidate is a proven software developer who thrives working independently and setting their own direction, while also effectively collaborating and educating others. Candidates for this role are not expected to be security experts but they must have a strong interest and ability to learn security.

Developer responsibilities include full lifecycle activities using industry best practices in an agile, results driven environment while working with a diverse group of high-performing, experienced teams. You will be expected to continually grow and challenge all of us to raise the bar even higher with your contributions to people, process and technology. We are looking for another highly collaborative team member that has a passion for excellence and innovation and knows the importance of fun, self-care and flexibility while working on a variety of complex and challenging projects.

Responsibilities

  • Work closely with product and platform teams to implement changes to address security vulnerabilities. Maintain and support mission-critical applications as necessary. Full-lifecycle activities include following Pearson VUE and industry standards for analysis, requirements, design, reviews, testing, deployment, automation and support.
  • Increasing willingness and ability to expand security knowledge (with focus on Application Security), and work across teams and platforms to proactively find and mitigate security vulnerabilities.
  • Increasing ability and proactive focus on security related: communication, controls, best practices, industry knowledge, subject matter expertise across the platform, automation, reviews, documentation, training, mentoring, and process and procedures.
  • Performs other duties as assigned.

Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.

Qualifications

Required Education & Experience

  • Bachelor's degree in Computer Science, MIS, or equivalent technology discipline
  • 5 years minimum industry Java development required
  • 3 years industry programmatic interaction with relational database systems
  • The current technology stack for our department includes but is not limited to: Java, Angular/AngularJS, Spring, Web Services (REST/SOAP), Angular, JPA/Hibernate, Swing, RESTEasy, SQL Server, RabbitMQ, Azure, Apache CXF, and Spring Boot.
  • Industry experience in OOAD, agile processes, design patterns, SQL and UML

Desired Knowledge, Skills & Abilities

  • Interest and ability to learn application security in a global enterprise IT environment
  • Proven ability to quickly learn new processes and tools, business domains and technical apps
  • Must have strong time management skills - including ability to work well under pressure, plan, set priorities, adapt to change, and meet established timelines
  • Must develop effective relationships with internal and external contacts and work well within and across teams
  • Must assimilate information, distill knowledge, apply experience and provide solution alternatives and recommendations
  • Experience working in agile environment
  • Experience in understanding software architecture
  • Experience in creating design/solution documents and test driven development
  • Desire to expand knowledge in many development languages, applications, and tools
  • Ability to think technically and analytically
  • Must be a self-starter and detail-oriented
  • Must have a “positive” and energetic demeanor
  • Effective written and verbal communication skills
  • Creative problem-solving skills

Industry experience with all of the following (3-4 years industry experience required)

  • Experience with Java and web applications, single-page Angular applications, REST and SOAP APIs
  • Technologies: Java SE AND EE, Angular/AngularJS (or other Javascript frameworks such as jQuery), Spring Security, REST services, JPA/Hibernate, SQL, JBOSS OR Tomcat

Experience with the following (Preferred; otherwise, strong desire to learn)

  • Well-rounded background in application security
  • Experience driving a culture of security awareness
  • Current understanding of industry security trends and emerging threats
  • Strong preference for working experience with security tools, using static code analysis, dynamic code analysis, and 3rd party library assessment tools
  • Experience implementing security controls in a global enterprise IT environment
  • Familiar with OWASP Secure Coding Practices, Continuous Integration/Continuous Deployment (CI/CD) processes/concepts, REST API technology and methods, and common security vulnerabilities and fixes
  • Knowledge and remediation experience of common OWASP security risks such as SQL injection, XSS, DDoS, CSRF, XEE
  • Proven ability in security process and organizational design
  • Swing, RESTEasy, SQL Server (Transact-SQL), RabbitMQ, Azure, Apache CXF, SpringBoot, Gradle build framework, Docker, Kubernetes, Splunk, NewRelic

Primary Location : US-MN-Bloomington

Work Locations :

US-MN-Bloomington-5601 Green Valley

5601 Green Valley DriveSuite 220

Bloomington55437

Job : Technology

Organization : Assessments VUE

Employee Status : Regular Employee

Job Type : Standard

Job Level : Individual Contributor

Shift : Day Job

Travel : No

Job Posting : Mar 29, 2021

Job Unposting : Ongoing

Schedule: : Full-time Regular

Req ID: 2104383