This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Principal Software Engineer/Tech Lead - Security and Compliance

From OWASP

Constant Contact is revolutionizing the success formula for small organizations through affordable, easy-to-use Engagement Marketing™ tools that help create and grow customer relationships. More than 450,000 small businesses, nonprofits, and associations worldwide rely on Constant Contact to drive ongoing customer dialogs through email marketing, social media marketing, event marketing, and online surveys. All Constant Contact products come with unrivaled KnowHow, education, and free coaching with a personal touch, including award-winning customer support.

Do you want to innovate, stand out amongst your peers, see your work being used by thousands of small businesses all around you, and go home feeling energized every day? All of this while working on the latest technologies and helping to build massively scalable systems at one of the fastest SaaS companies around? Come work at a place where agility, developer productivity and continuous improvement are valued, and architectural and product roadmaps are downright kick-ass!

Here at Constant Contact, we believe that if you offer challenging projects to smart people, and give them the freedom to invent, you can create powerful software while being part of a fun, collaborative environment. For this particular position, we are looking for someone interested in being the technical lead within our development organization for Security and Compliance. You will be the point of technical ownership for this area, which includes a wide array of responsibilities. Read on!

Responsibilities

• Technical architecture and solutions for web application vulnerability protection (across several different architectures), including Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), etc.

• Single Sign-On (SSO), including authentication and identity management strategies across 3rd party systems (OpenID, etc.)

• Data privacy and protection, data encryption, digital privacy vaults (such as Cyber-Ark)

• Design and development of Email Authentication, Abuse Analytics, and Bounce Management solutions

• Work across the organization to ensure security is considered and designed properly into all new development initiatives; establish and socialize best practices

• Keep current on trends and best practices in the industry, help shape and influence technical product roadmap

• Work independently in an agile environment. Collaborate with all team members (Development, Quality Engineering, User Experience, Operations, and Product Management) to build best-of-breed solutions that meet operational scalability requirements.

• Provide high quality output by collaborating on test plans, implementing unit tests, and always making sure you've left things better than when you started.

• Most of all, have fun doing all of the above and more!

Requirements

• B.S. in Computer Science or equivalent

• A minimum of 8 years' experience developing web-based applications

• High energy with a breadth and depth of advanced technical skills.

• Passion for building great products

• Familiarity with a broad mix of technologies, including a strong subset of: Java, JavaScript, JSP, JBoss, HTML, XML, Spring, UI frameworks, Ruby, DB2, NoSQL (Cassandra), Web Services, and a range of open source libraries (plus anything else you can bring to the table).

• Familiarity with the following strongly desired - willingness to learn a must: OWASP, XSS, CSRF, SSO, OpenSSO, OpenID, SAML, Cyber-Ark, SMTP, IMAP, POP3


Frank Ottati, Technical Recruiter
Email: [email protected]
Phone: 781-482-7317
Fax: 781-482-7721