Information Security Engineer

Job Locations US-FL-Jacksonville
ID
2021-1763
Category
Information Technology
Type
Full Time

Overview

Fidelity National Financial, Inc. (NYSE: FNF) is a leading provider of title insurance and transaction services to the real estate and mortgage industries. FNF is the nation's largest title insurance company through its title insurance underwriters - Fidelity National Title, Chicago Title, Commonwealth Land Title, Alamo Title and National Title of New York - that collectively issue more title insurance policies than any other title company in the United States. More information about FNF can be found at fnf.com.

 

FNF is looking for a security engineer with a strong background in security who can bring their experience to improve the state of security at FNF. As a security engineer on the FNF Application Security Team you will play a key role in advancing security by partnering with other security engineers, program managers, and developers to provide guidance and best practices, automate security, and make secure development and deployment easier. This position will report to the Manager of Security Architecture and Application Security.

Duties

To be successful in this position, you will need a deep technical understanding of multiple classes of security defects, along with strong development skills, and an understanding of popular platforms and languages, and the ability to learn new information at a rapid pace. A strong track record in security consulting, penetration testing, and general hacking are critical, but the willingness and drive to improve the security overall is even more important.

 

  • Develop security documentation, training, and guidance for internal infrastructure and engineering teams
  • Consult with internal teams and assist with identifying vulnerabilities and weaknesses, make appropriate recommendations, and drive teams to implement those recommendations
  • Perform penetration testing to examine target systems in detail, looking for vulnerabilities and weaknesses
  • Conduct vulnerability research and analysis into emerging threats to include proactive security research on the technologies that we use
  • Identify and implement security technical and process improvements
  • Define and own metrics to determine effectiveness of security controls
  • Apply comprehensive hardening to infrastructure platforms, deployment code, and images
  • Architect, build, automate, and operate automated security controls/tools and review capabilities to detect vulnerabilities across all applications and services
  • Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures.
  • Assess and drive visibility as to the risk of security findings to leadership.
  • Be a champion for security culture and excellence, exercise risk-based judgement and prioritize remediation work

Requirements

Bachelor of Science in Computer Science, Mathematics, Engineering or equivalent experience or education

Experience

  • 5+ years of experience in a hands-on security role with a demonstrated mastery of multiple classes of security defects
  • Demonstrated coding skills in one or more popular languages and platforms including C#, SQL, Python, and others
  • Experience with the .NET, .NET Core, Angular frameworks
  • Understanding of cloud computing platforms and cloud-based infrastructure design and operation
  • Understanding of container technologies, security, and tooling (such as Docker, Kubernetes, Helm)

Additional Information

  • Experience with Microsoft Azure
  • Experience with Container security platforms
  • Continuous integration and delivery tooling (CI/CD)
  • Current security certification (e.g. OSCP, OSEE) is a PLU

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed