Experienced Software Security Engineer - Mainframe Penetration Tester

Job Description: Are you a talented software engineer with a passion for software security? Broadcom’s Mainframe Software Division (MSD) is looking for an Experienced Software Security Engineer to join our R&D organization to drive continuous improvement of secure software development techniques, tools and practices, and conduct penetration testing across the entire product portfolio. Mainframe systems are at the heart of the digital economy. Did you know 67 of the Fortune 100 companies use Mainframes, 45 of the world’s top 50 banks, 8 of the top 10 insurers, 4 of the top 5 airlines, and 7 of the 10 global retailers all rely on the mainframe? With 80% of the world’s structured corporate data residing or originating on mainframes, and 55% of all enterprise applications hitting the mainframe to complete transactions, our industry-leading products are critical to many Fortune 1000 companies. If you want to be part of this interesting and energetic business and work on software that makes a difference to the world’s economy, please apply today. Key Responsibilities: Stay current with the industry on secure software development practices, tools, standards, regulations and requirements. Plan, coordinate and perform penetration testing of MSD products. Provide guidance to engineering teams on how to address identified vulnerabilities. Influence prioritization and implementation of secure software development initiatives for Mainframe Software Division (MSD) to continuously improve security of software products. Assist the education of the Mainframe Software Division R&D staff on secure software development best practices, writing secure code, threat modeling, secure design reviews, secure code reviews, and addressing software vulnerabilities. Requirements: Bachelor's degree or global equivalent in a related field. Typically, 12 or more years of experience in software development or a related field. Technical Skills & Experience: Strong understanding of web technologies (Web applications, Web Services and REST) and network protocols. Software development experience in one of the following core languages: Java, C/C++, Javascript, HLASM. Experience in mainframe software development. Familiarity with HLASM, z/OS, z/OS Security. Experience in mainframe penetration testing. Experience in design and development of Micro-Services, APIs, Enterprise Software Applications. Knowledge of modern secure software development techniques, standards, practices and tools. Experience in Application Security, understanding of typical types of weaknesses (OWASP Top-10, CWE/SANS Top 25 etc) and standards & compliance requirements, such as ISO27034, PCI, FedRAMP, NIST Cybersecurity Framework, US Executive Order 14028 etc. Strong communication skills. Knowledge of CI/CD and DevOps. Experience working as a Software Security Engineer or Penetration Tester is desired. Compensation and Benefits: The annual base salary range for this position is $127,000- $203,000. This position is also eligible for a discretionary annual bonus in accordance with relevant plan documents, and equity in accordance with equity plan documents and equity award agreements. Broadcom offers a competitive and comprehensive benefits package: Medical, dental and vision plans, 401(K) participation including company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company paid holidays, paid sick leave and vacation time. The company follows all applicable laws for Paid Family Leave and other leaves of absence. Broadcom is proud to be an equal opportunity employer. If you are located outside USA, please be sure to fill out a home address as this will be used for future correspondence.#J-18808-Ljbffr