Software Security Engineer

                                                                                        Powering the world’s payments ecosystem

ACI powers the payments ecosystem – globally, and you power ACI.  You’ll innovate, collaborate, and grow – in an energetic technology culture with decades of proven success.  ACIers – in all roles and levels – are truly your colleagues and many are your friends. Our size and reach allow you to see the global impact of your work. You are visible, your talents are valued, and you are empowered to shape the future of payments.

As an Software Security Engineer in Pune, you will join a diverse, passionate team, dedicated to powering the world’s payments ecosystem!

Job Summary:

We are looking for a Software  Security Engineer to lead the Security practices within the OmniCommerce  and Postilion Retail Payments Portfolio. You will report into a Director of Engineering.

As a leader of the software security practices you will work closely with engineering teams across the software engineering group to ensure that we build secure software and protect ACI and its customers from security related incidents.

• You will be responsible for driving the security process (SAFE) within the software development process. This includes ensuring that the necessary artificats are produced and delivered.
• You will report, track and drive the remediation of security vulnerabilities within our solutions to ensure that engineering teams meet internal security SLAs.
• You will collaborate with the central ACI Software Security Group to drive security enhancements and improved tooling into our software development practise.
• You will help execute dynamic security scans for projects that require them.
• You will be responsible for enhancing and maintaining the automation that runs our security tooling - static code analysis (CheckMarx/Klockwork), dynamic code analysis and 3rd party library vulnerability tracking (BlackDuck) and dynamic scans.
• As a security expert you will be assisting and providing guidance to engineering teams in addressing security vulnerabilities in a timely manner.

Minimum Requirements:

• Bachelor’s degree in computer science or related field or equivalent experience. 
• Specific knowledge of software development technology and methodology 
• Understanding of Application vulnerabilities and their countermeasures. 
• 5+ years of secure Application Development process experience 
• Knowledge of secure application development processes 
• Hands on experience with SAST, DAST and open source security management tools 

Highly Desired Skills: 

• CISSP certification; Ethical hacker training and/or certification; PADSS/PCI DSS experience 
• Application threat modelling 
• Hands on experience with Klockwork, CheckMarx, IBM App Scan, Burp Suite, IriusRisk and Threat modelling tools 
• CICD & Dev/SecOps experience 
• Experience with collaboration with a globally diverse development organization

Core Capabilities:

We seek colleagues who embody our core capabilities — these shape our culture and enable us to make a meaningful impact together:

• Ensure Accountability: holding self and others accountable to meet commitments.

• Drives Results: consistently achieving results, even under tough circumstances.

• Customer Focus: building strong customer relationships and delivering customer-centric solutions.

• Cultivate Innovation: creating new and better ways for the organization to be successful.

• Collaborates: building partnerships and working collaboratively with others.

• Courage: stepping up to address difficult issues, saying what needs to be said.

In return for your expertise, we offer opportunities for growth, career development, and a competitive compensation and benefits package—all within an innovative and collaborative work environment.

Are you ready to help us transform the payments ecosystem? To learn more about ACI Worldwide, visit our web site at www.aciworldwide.com

#LI-SK