The D. E. Shaw group is a global investment and technology development firm with more than $65 billion in investment capital as of December 1, 2024, and offices in North America, Europe, and Asia. Since our founding in 1988, our firm has earned an international reputation for successful investing based on innovation, careful risk management, and the quality and depth of our staff. We have a significant presence in the world's capital markets, investing in a wide range of companies and financial instruments in both developed and developing economies.

We are looking for a Software Security Engineer to join our Information Security team based in our India offices. The team works to continuously improve the security posture of internally developed software in a fast-paced, large development organization and helps minimize information security risk for the firm.

WHAT YOU'LL DO DAY-TO-DAY:

In this role, you will perform security assessments of software and provide guidance in correcting deficiencies. Some examples include reviewing our Trading Systems applications that run as distributed systems on the cluster or in-house project and task management software. You will also review the security of software designs and help develop them. Examples include secure data storage or in-house LLM based productivity tools. Additionally, you will implement security controls and enhance existing systems to help comply with our security requirements. Examples include adding support for Kerberos authentication to open-source databases like Redis and Mongo, implementing support for OpenID Connect authentication in web frameworks, and implementing novel authentication and authorization protocols. Furthermore, you will implement and support tools for automatic vulnerability finding both for the needs of the Information Security team as well as the larger development organization. Examples include our in-house static code analysis, dynamic web application security testing tools, a system for third-party software dependency security assessment and monitoring, and a centralized vulnerability management system.

Basic Qualifications:

• Solid grasp of computer science and computer security fundamentals as well as principles of secure system design and secure SDLC
• In-depth knowledge of common software vulnerabilities and how to remediate them
• Good knowledge of common building blocks of modern security (security protocols, access controls, security-relevant operating system features, etc.) and how they fulfill security requirements
• Relevant hands-on experience with web and non-web distributed application security and penetration testing
• Working knowledge of Python, Java, and JavaScript
• Excellent software development skills in any of the above languages
• Experience applying automated vulnerability finding tools (SAST and DAST)
• Excellent written and oral communication skills
• Good interpersonal skills, and the ability to collaborate across teams to drive results
• A degree in Computer Science or related fields with 3 to 8 years of relevant experience
  
  

Preferred Qualifications:

• Good grasp of DevSecOps and experience in building and promoting it in a modern software development organization
• Experience developing automated vulnerability finding tools (SAST or DAST)
• Working knowledge of either C#, Rust, or Go
• Experience with security assessment of Linux environments
• In-depth knowledge of cryptography
• Cloud security knowledge
  
  

Interested candidates can apply through our website:

https://www.deshawindia.com/recruit/jobs/Adv/Link/SnrMemSEJan25

We encourage candidates with relevant experience looking to restart their careers after a break to apply for this position. Learn about Recommence, our gender-neutral return-to-work initiative.

The Firm offers excellent benefits, a casual, collegial working environment, and an attractive compensation package. For further information about our recruitment process, including how applicant data will be processed, please visit https://www.deshawindia.com/careers

Members of the D. E. Shaw group do not discriminate in employment matters on the basis of sex, race, colour, caste, creed, religion, pregnancy, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class.