Sr. Software Engineer - Security

Basic Function

LYB’s Digital Technologies organization provides value focused and scalable digital, data-driven, and advanced analytics solutions across the enterprise, developed as custom software engineering solutions.  Through working closely with the team’s Software Engineers, Data Engineers, Data Scientists, and Data Analysts, along with other LYB teams including Cybersecurity, Operations, and Architecture, the Sr. Software Engineer – Security will have the opportunity to define, govern, and own secure custom software engineering design, implementation, and controls at LYB.  We are looking for an innovative, energetic, productive, software development minded, and humble individual who will demonstrate LYB’s core values in the application of secure coding principles and processes across our ecosystem.  At LYB, we work a flexible hybrid schedule, which includes remote work-from-home days and in-person team collaboration days.

Relocation assistance will be provided.
 

Roles & Responsibilities

• Serve as a technically hands-on software engineer knowledgeable in LYB’s software stacks, and focused on implementing secure design principles, standards, and controls
• Responsible for addressing security risks, deficiencies, and opportunities for improvement in LYB’s software engineering ecosystem, and for planning and implementing appropriate corrective actions and controls
• Responsible for ensuring all custom software engineering work, including vendor developed custom code, follows the appropriate security standards and processes, and has the proper governance and controls in place
• Responsible for following emerging software engineering security trends, how they could be related to LYB’s custom software engineering efforts, and how any negative impacts could be mitigated
• Responsible for following security related research and development, and how newly developed capabilities could improve LYB’s software engineering ecosystem
• Responsible for producing and maintaining the necessary technical documentation and reporting required to meet internal and external controls, audits, and standards
• Perform on-going security testing and code review to improve software security
• Network internally and externally to build relationships that foster the transfer and collaboration of secure software engineering principles

Min. Qualifications

• BS (MS strongly preferred) in Computer Science, Software Engineering, or related technical field, with additional experience required in the place of advanced education
• 4+ years professional hands on software engineering experience with a PhD, or 6+ years’ experience with an MS degree, or 8+ years’ experience with a BS degree, ideally with some time in a security software engineering focused role
• Knowledgeable in software security testing and auditing, including penetration testing
• Knowledgeable of techniques, standards, and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities, and remediation
• Knowledge of web related technologies (web applications, web services, and service oriented architectures) and of network/web related protocols
• Demonstrated ability to work under the direction of others and in a team
• High level of enthusiasm and a passion for security, software engineering, and technology
• Strong quantitative and problem-solving skills, including strong data, technical, and mathematical knowledge and skills
• Very strong Python, JavaScript, and/or other programming experience
• Strong technical documentation and communication skills

#LI-VW1
#LI-HYBRID

Preferred Qualifications

• MS strongly preferred, with a PhD preferred
• 7+ years professional hands-on software engineering experience with a PhD, or 9+ years’ experience with an MS degree, or 11+ years’ experience with a BS degree, ideally with some time in a security software engineering focused role
• Secure software engineering or Cybersecurity related certifications, such as ISSEP, CISSP, CCSP, and cloud security certifications are desired, but not required

Competencies