Chevron is a multinational company in the energy industry which operates worldwide with a wide range of business strategies constantly growing and expanding its operational scope.
Buenos Aires Shared Services Center (BASSC) is a global operation offering Finance and IT Services to support Chevron´s worldwide business. Chevron values integrity, trust, diversity and ingenuity.
Chevron is accepting online applications for the position of Application Developer to be specialized in Security with advanced or bilingual English level to join our ITC team in our Shared Services Center located in Puerto Madero, Argentina.
Responsibilities for this position will be:
Subject matter expert on software development processes, best practices, and secure coding standards
Provide operational support for Application Security technologies (HP Fortify), and consulting for remediation of application security issues
Provide support to scan using different development IDE’s (i.e., Visual Studio 2005-2015 & Eclipse)
Provide System Development Lifecycle (SDLC) tools and process consulting to projects and teams to ensure secure design and code
Facilitate competency development for Application Professional role (Application Developer and Application Support Analyst)
Active leadership and participation in the Application Security Technical Network (ASTN) and Software Engineering Community of Practice; connect to other CoPs
Ensure the enterprise is following application security requirements and principles, secure coding standards and best practices
Maintain coding guidelines
Stay current on application security and associated cross-functional issues.
Support and evolve the inclusion of appropriate application security clauses in Chevron contracts (working with Procurement and Legal)
Continue evolution of app security maturity expectations and OC for the enterprise; measure CVX app security maturity; maintain relationship(s) with app security training provider and consult on content development
Minimum 5+ years of hands-on experience with formal application development project execution
Experience mitigating vulnerabilities in OWASP Top 10 and knowledge of other industry standard vulnerability lists (i.e. SANS 25, etc.)
Experience finding known vulnerabilities and where they are listed for the industry (i.e. cve.mitre, NIST, etc.)
Technical Skills: 5+ years of hands-on design and development experience using Microsoft Development Technology stack, in particular .NET, SCM, MVC, WCF; SOA; Java-based technology, workflow and reporting technologies; database technologies such as Oracle and SQL Server
Advanced skills in building applications with .Net and/or Java. (5+ years)
Experience with both Waterfall and Agile methodologies.
Experience in a range of version control, continuous integration and build automation tools and approaches. (i.e.: TFS, Git, Jenkins)
OWASP project awareness is highly desired.
Prior experience developing applications for the Cloud is desired.