Principal Security Engineer

Principal Security Engineer

Location: Dallas, TX

Model of Work: Hybrid

Are you excited by challenges? Do you enjoy working in a fast-paced, international and dynamic environment? Then now is the time to join Quorum Software, a rapidly growing company and industry leader in oil & gas transformation.

Quorum Software is the world's largest provider of digital technology focused solely on business workflows that empower the next evolution of energy. From emerging companies to supermajors, throughout every region of the globe, customers rely on Quorum's proven innovation and unmatched global expertise to streamline business operations and make data-driven decisions that optimize profitability and growth. Our industry-leading solutions are transforming energy companies across the entire value chain, helping visionary leaders evolve their organizations into modern energy companies.

Overview

The Principal Security Engineer reports to the CTO office. This is a leadership role to help engineers write secure world-class software. Quorum is a rapidly growing company with major engineering offices are in Houston, Dallas, Canada, and Norway. Quorum has over 40 products used by leaders in the energy industry. You will work with the engineering leads for each of the products to drive the development of secure products. These products include multi-tenant SaaS, single-tenant web applications, and classic client-based products. Your initial focus will be developing a Static Analysis Security Testing (SAST), Dynamic Analysis Security Testing (DAST), Source Code Analysis (SCA), and Manual Pen Testing (MPT) program driving OWASP Top Ten educations, and driving common goals between leadership, product owner, product managers, and engineering.

Responsibilities

• Build relationships with product owners, product managers, and engineering leads.
• Lead the effort for security gap analysis on products. Requires challenging assumptions.
• Raise security awareness across the company by working with leadership to determine goals.
• With leadership’s support drive security awareness and commitment throughout the company.
• Develop security education plans, ranging from a general awareness of OWASP Top Ten to a security champion program that leads to CISSP certification.
• Work directly with IT and DevOps to ensure that they are meeting engineering requirements for patching and security hygiene to always develop software on hardened systems.
• Passion for representing customers. Anticipate customer security concerns and listen if they reach out. Actively drive the resolution of security issues with product owners, product managers, and engineering. (Doing what is right is not always popular.)
• And other duties as assigned.

Requirements

• 5+ years in software development, combined with 3+ years of cyber security experience.
• Knowledge of secure web applications, relational databases, load balancers, WAF, etc.
• TLS, HTTPS, TCP, JavaScript,
• SAST, DAST, SCA, and MPT (Veracode preferred)
• Ability to write standards, including Software Development, Logging, Cryptography, etc.
• CISSP or CSSLP (or certification within one year).

Preferred Skills

• 
  SQL Server, IIS, proficiency with at least one programming language, Azure Dev Ops (ADO), C# .Net, Java, SQL, Active Directory (AD), Okta, Azure AD, containers, Azure (or other clouds), and threat modeling.
• Familiarity with GDPR and PII issues

This is a challenging role. Your ability to adapt and solve the unexpected is more critical than your current knowledge. Provide examples of how you were able to adapt to unexpected security challenges.

Additional Details

• Background Check: The successful candidate will need to successfully complete the following clearances: Criminal History Check, Education Verification, Employment Verification, Driver’s License Verification and passport/ID validation.
• Visa Sponsorship: Employment eligibility to work with Quorum Software in the United States is required as the company will not pursue visa sponsorship for this position. The successful candidate will be required to ensure they maintain and renew any visas or permits that grant employment eligibility where applicable.

About Quorum Software
Quorum Software connects people and information across the energy value chain. Twenty years ago, we built the first software for gas plant accountants. Pipeline operators came next, followed by land administrators, pumpers, and planners. Since 1998, Quorum has helped thousands of energy workers with business workflows that optimize profitability and growth. Our vision for the future connects the global energy ecosystem through cloud-first software, data standards, and integration. The trusted source of decision-ready data for 1,800+ companies, Quorum Software makes the essential connections that let us work better together in the connected energy workplace. For more information, visit quorumsoftware.com.

Diversity Statement: At Quorum, we are committed to fostering, cultivating and preserving a culture of diversity, equity and inclusion. We want to be the place where a diverse pool of talented people join us, stay with us and do their best work. With a diverse team of employees, we grow and learn better together. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and our achievements. We are fully focused on equality and believe deeply in diversity of race, gender, sexual orientation, religion, ethnicity, national origin and all the other characteristics that make us unique. We have a DEI committee focused on Culture, Advocacy and Talent, have company-wide Unconscious Bias training and more.

Quorum Business Solutions and Quorum Software are Equal Opportunity Employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.

Those applicants requiring reasonable accommodation to the application and/or interview process should notify a member of the Human Resources Department