Senior Associate Software Development Engineer in Test

About the position

The Security Team in the SAS9 division is looking for a Senior Associate Software Development Engineer in Test. The team is responsible for security work related to remediation of code vulnerabilities and vulnerable third-party software components identified by customers and internal software security scans. Working in this team is fast-paced and the impact spans across multiple SAS9 releases, ship events, solution teams, and divisions. In this role you will design, develop, and test automation to support software security scans to find and report vulnerable third-party components in the software and to confirm that remediations to vulnerable third-party components are provided in the quarterly security update hot fixes. Part of this confirmation involves in-depth testing of hot fixes. You will also help troubleshoot and triage issues reported by internal and external customers and interact with SAS Technical Support to assist customers reporting security vulnerabilities in shipping versions of SAS9.

Responsibilities

• Create and maintain high quality test automation using modern development techniques, and provide data points that identify and report software vulnerabilities related to security software scans.
• Produce data that quantifies the results of our security remediations delivered in the quarterly security hot fixes.
• Work collaboratively with development, testing, product, operations, and support peers across the SAS9 Division to triage security-related issues.
• Deploy and support robust SAS 9.4 TLS-enabled test environments.
• Collaborate with our Project Management team to ensure proper tracking and compliance.
• Stay informed of emerging technologies and use them appropriately.
• Support internal and external customers.
• Perform other duties as assigned.
• Be encouraged to participate in open-source projects on behalf of SAS.
• Ensure all applicable security policies and processes are followed to support the organization’s secure software development goals.

Requirements

• Bachelor’s degree in Computer Science, Engineering, or a related quantitative field.
• 2+ years of experience in software testing on large-scale projects.
• Proficient in Jenkins and Python.
• Proficient in Java programming.
• Experience with Jira, Confluence, CVS, Gerrit, Git, or GitHub.
• Knowledge of secure software development practices and tools (e.g., Snyk, Klocwork, OWASP ZAP, Burp Suite).
• Familiarity with REST APIs and cyber security protocols (FIPS, TLS, certificates, ciphers).
• Understanding of software development methodologies and tools.
• Experience with integration, regression, and unit testing.
• Strong communication and problem-solving skills.
• Equivalent combination of related education, training and experience may be considered in place of the above qualifications.

Nice-to-haves

• Experience with SAS 9 product line and middle-tier architecture.

Benefits

• Comprehensive medical, prescription, dental and vision plans.
• Medical plan options include PPO with low annual deductible and copays.
• HDHP combined with a health savings account with a contribution from SAS.
• Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan.
• An industry-leading 401k plan.
• Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
• Volunteer Time Off, parental leave and unlimited paid sick days.
• Generous childcare benefits for all full-time employees.