Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Pearson Education

Software Developer (Security-Focused, Java) (2104383)

Law Enforcement and Security

Diplomatic Security

Yearly

No

Minnesota, United States

We are the world’s learning company with more than 21,000 employees operating in 70 countries. We combine world-class educational content and assessment, powered by services and technology, to enable more effective teaching and personalized learning at scale. We believe that wherever learning flourishes, so do people.

Pearson VUE is a business of Pearson, the world's leading learning company with global-reach and market-leading businesses. Pearson is listed on both the London and New York stock exchanges (UK: PSON; NYSE: PSO).

Who is Pearson VUE?

Each year millions of people around the world take an exam with Pearson VUE. Chances are you, or someone you know, has recently tested with us. Your neighbor the computer programmer, your dad’s nurse, your child’s teacher or your local real estate agent. All demonstrate their knowledge, skill and commitment when they test with Pearson VUE.

Bloomington, MN location required

As a security-focused developer, you will be responsible for improving application security across the platform. Initially this position will focus on hands-on development work to resolve vulnerabilities. This will transition into an increasing focus on identifying, assessing, escalating, and coordinating fixes across teams. This is a new role for this platform; however, you will work with security experts on other platforms and teams. The ideal candidate is a proven software developer who thrives working independently and setting their own direction, while also effectively collaborating and educating others. Candidates for this role are not expected to be security experts but they must have a strong interest and ability to learn security.

Developer responsibilities include full lifecycle activities using industry best practices in an agile, results driven environment while working with a diverse group of high-performing, experienced teams. You will be expected to continually grow and challenge all of us to raise the bar even higher with your contributions to people, process and technology. We are looking for another highly collaborative team member that has a passion for excellence and innovation and knows the importance of fun, self-care and flexibility while working on a variety of complex and challenging projects.

Responsibilities

  • Work closely with product and platform teams to implement changes to address security vulnerabilities. Maintain and support mission-critical applications as necessary. Full-lifecycle activities include following Pearson VUE and industry standards for analysis, requirements, design, reviews, testing, deployment, automation and support.
  • Increasing willingness and ability to expand security knowledge (with focus on Application Security), and work across teams and platforms to proactively find and mitigate security vulnerabilities.
  • Increasing ability and proactive focus on security related: communication, controls, best practices, industry knowledge, subject matter expertise across the platform, automation, reviews, documentation, training, mentoring, and process and procedures.
  • Performs other duties as assigned.

Qualifications

Required Education & Experience

  • Bachelor's degree in Computer Science, MIS, or equivalent technology discipline
  • 5+ years minimum industry Java development required
  • 3+ years industry programmatic interaction with relational database systems
  • The current technology stack for our department includes but is not limited to: Java, Angular/AngularJS, Spring, Web Services (REST/SOAP), Angular, JPA/Hibernate, Swing, RESTEasy, SQL Server, RabbitMQ, Azure, Apache CXF, and Spring Boot.
  • Industry experience in OOAD, agile processes, design patterns, SQL and UML

Desired Knowledge, Skills & Abilities

  • Interest and ability to learn application security in a global enterprise IT environment
  • Proven ability to quickly learn new processes and tools, business domains and technical apps
  • Must have strong time management skills - including ability to work well under pressure, plan, set priorities, adapt to change, and meet established timelines
  • Must develop effective relationships with internal and external contacts and work well within and across teams
  • Must assimilate information, distill knowledge, apply experience and provide solution alternatives and recommendations
  • Experience working in agile environment
  • Experience in understanding software architecture
  • Experience in creating design/solution documents and test driven development
  • Desire to expand knowledge in many development languages, applications, and tools
  • Ability to think technically and analytically
  • Must be a self-starter and detail-oriented
  • Must have a “positive” and energetic demeanor
  • Effective written and verbal communication skills
  • Creative problem-solving skills

Industry experience with all of the following (3-4 years industry experience required)

  • Experience with Java and web applications, single-page Angular applications, REST and SOAP APIs
  • Technologies: Java SE AND EE, Angular/AngularJS (or other Javascript frameworks such as jQuery), Spring Security, REST services, JPA/Hibernate, SQL, JBOSS OR Tomcat

Experience with the following (Preferred; otherwise, strong desire to learn)

  • Well-rounded background in application security
  • Experience driving a culture of security awareness
  • Current understanding of industry security trends and emerging threats
  • Strong preference for working experience with security tools, using static code analysis, dynamic code analysis, and 3rd party library assessment tools
  • Experience implementing security controls in a global enterprise IT environment
  • Familiar with OWASP Secure Coding Practices, Continuous Integration/Continuous Deployment (CI/CD) processes/concepts, REST API technology and methods, and common security vulnerabilities and fixes
  • Knowledge and remediation experience of common OWASP security risks such as SQL injection, XSS, DDoS, CSRF, XEE
  • Proven ability in security process and organizational design
  • Swing, RESTEasy, SQL Server (Transact-SQL), RabbitMQ, Azure, Apache CXF, SpringBoot, Gradle build framework, Docker, Kubernetes, Splunk, NewRelic

Learning is the most powerful force for change in the world. More than 20,000 Pearson employees deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We are the world’s leading learning company. Learn more at pearsonplc.com.

Pearson believes that wherever learning flourishes, so do people. We are committed to being an anti-racist company in everything we do. We value the power of an inclusive culture and a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm, and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity, and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to a sustainable environment and workplace where talent can learn, grow, and thrive.  

To learn more about Pearson’s commitment to a diverse and inclusive workforce, please click here: 

http://www.pearson.com/careers/diversity-and-inclusion.html

Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.

Job: TECHNOLOGY

Organization: Assessments VUE

Schedule: FULL_TIME

Req ID: 2104383