Security Engineer

September 20

Apply Now

Receive Emails with Similar Jobs

Security Innovation

WebsiteLinkedInAll Job Openings

software security • general security training • developer security training • IoT • hackathon

51 - 200

💰 $4M Series C on 2015-03

Description

• Work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile, and more. • Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications. • Create threat models that result in more secure application design. • Design and develop security testing scenarios. • Analyze and present results of testing to team members, managers, and customers. • Write detailed problem reports, test plan documents, and mitigation recommendations as needed. • Develop tools to aid penetration test automation and effectiveness. • Review code for common security vulnerabilities.

Requirements

• Bachelor’s degree in Computer Science or related • Experience in conducting penetration tests for high profile customers or products • Experience in working in R&D teams on fast paced, and high impact projects • Experience in performing low complexity and high complexity Web Application, Network and Cloud Penetration testing in an enterprise environment • Experience in writing and reviewing technical reports on vulnerabilities findings • Experience in communicating with clients about discovered vulnerabilities and participating in kick-off meetings • Experience in performing Threat modeling and architecture and design review of Web, Network and Cloud Services • Experience in conducting static and dynamic code analysis and review for various programming languages such as Python, Java, and JavaScript • Working knowledge of common security testing tools like Burp Suite, GNU Debugger, Ghidra, IDA, Ollydbg • Knowledge of common application security bugs, attack types, and mitigation strategies; solid understanding of networking fundamentals • Knowledge of reverse engineering techniques • Above average knowledge of Windows and/or Linux and Unix variants • Willingness to share knowledge and provide mentorship to other people • Solid understanding of system-level design such as memory allocation, assembly language, process control, and concurrent programming • Experience in developing tools to automate penetration testing process • Experience in participating in Capture-the-Flag events, and trained on security platforms such as Hack the Box, and Root Me • Knowledge of cloud infrastructure and performing cloud configuration reviews • Ability to conduct research on a technical topic and deliver presentations for a technical audience • Participated in security-related events such as Hacking Conferences, Bootcamps, and Meetups and contributed to Security Community.