What we need…

A Mobile Security Engineer to focus on identifying vulnerabilities, coding security enhancements, and educating the team on secure coding practices within our software development division. In this role, you will work collaboratively across teams to conduct regular security audits, author security policies and procedures, and better integrate security into our software development lifecycle. This role will combine experience in full-stack development and security engineering to enhance our mobile banking product.

What’s in it for you…

COCC offers a unique and collaborative experience as you grow your career with us and all of the benefits you’d expect from an award-winning employer plus:

• Hybrid schedules and ample paid time off allowing you work/life balance and flexibility
• Customized training and onboarding to support you in your first year at COCC
• Robust employee development programs aligned with career pathing objectives
• Cutting-edge training and educational resources from vendors like SANS, PluralSight and CBTNuggets
• Generous PTO offerings, benefits and competitive compensation
• On-site fitness centers, wellness incentives, and lifestyle spending accounts
• Tuition Reimbursement
• One-on-one career coaching
• DEIB initiatives championing inclusion and encouraging you to bring your whole self to work
• Financial planning assistance with certified professionals
• Peer recognition programs

What you’ll do…

• Identify vulnerabilities in our applications, creating security policies and procedures, and educating teams on secure coding practices
• Work with the relevant teams to assess and integrate network security tools into our software development lifecycle (SDLC) processes
• Conduct regular security audits and assessments of production environments/mobile applications.
• Support security teams in monitoring and analyzing production data and help respond to security threats.
• Develop and maintain security monitoring tools and scripts.

What you’ll bring…

• Bachelors in Computer Science, IT or related field is preferred for this role but will consider appropriate work experience and/or relevant certifications
• 4-6 years full stack software development experience with a focus on security engineering
• Familiarity with Android and iOs specific security practices, binary protection and application integrity checks
• Knowledge of security monitoring tools and techniques
• Knowledge of of industry-standard encryption algorithms (e.g., AES, RSA) to secure data both in transit (via SSL/TLS) and at rest
• Hands on experience securing API calls and utilization of best practices in securing API interactions
• Experience with WAF, digesting WAF logs, SAST, DAST and SCA tools
• Experience conducting or supporting penetration tests, including web application and API penetration testing
• Ability to effectively communicate and collaborate across varying teams and departments
• Desire to continue learning and developing skills in the latest security and software development practices
• GMOB certification required; GSEC and OSCP certifications a plus
• Available to work in the Southington, CT office on a hybrid schedule

The salary range for this position is $110000 - 155000 annually

Applicants for employment in the US must have work authorization that does not currently or in the future require sponsorship of a visa for employment authorization in the United States.

Accessibility - If you’re a job seeker with a disability and require accessibility assistance or an accommodation to apply for one of our jobs, please let us know by calling 860-678-0444 or emailing TalentManagement@cocc.com. Please specify the help you need and we’ll be happy to get back to you!