Security Roles (Security Engineer/Security Delivery manager/Security A

Company: Xoriant Corporation
Location: Seattle, Washington, United States
Type: Full-time
Posted: 01.JAN.2021

Summary

Xoriant is an equal opportunity employer. No person shall be excluded from consideration for employment because of race, ethnicity, religion...

Description

Xoriant is an equal opportunity employer. No person shall be excluded from consideration for employment because of race, ethnicity, religion, caste, gender, gender identity, sexual orientation, marital status, national origin, age, disability or veteran status.

  • Title:- Security Roles (Security Engineer/Security Delivery manager/Security Analyst)
  • Location - Seattle , WA
  • Type - Full time
  • Mode of interview - Web-ex /Zoom

SECURITY ENGINEER

The skills we are looking for, aside from pen testing and ethical hacking, Must have front end programming. Should have experience with testing, building technology on the hardware and software side -- so C++/Java/Python/.NET are key skills.

SECURITY DELIVERY MANAGER

As a Security Delivery Manager, you will evaluate customer applications and products security and advise them how to develop secure solutions. These could include operating systems, mobile frameworks, embedded devices, and cloud based solutions. Successful Security Delivery Manager can apply their security expertise to multiple domains, have experience leading teams, and possess an unending curiosity about technology. Our ideal candidate will be able to influence clients so they can achieve the right balance between their business needs and security requirements.

Job Duties:

  • Security Design and Assessment (25%): white box testing, static code analysis, review of dependencies and packages used in the code, and analysis of cryptographic functions and modules in code. Threat modeling of complex applications and hardware; review of client documentation on their application/product and all technical details about infrastructure and technology used; and build out test approach and prioritize security testing needs.
  • Security Testing (25%): Penetration testing, execution of test cases in order of severity on the front end and back end of the application, common attack vectors are exploited, testing of cases formulated uniquely for the application to pinpoint specific unique functionality in the application, proof of concept.
  • Reporting and Documentation (10%): Report generation with details about the scope and duration of the penetration test, a brief description of the application and service which was tested, test plan which was executed, important observations regarding the application or the service, further steps to improve the security posture of the application and the service and the list of security findings with exact details and evidence and security recommendation to fix it.
  • Leadership activities (40%): Research, training development, mentoring, processes automation & efficiencies driver.

Minimum Requirements

  • Programming experience including secure code review in any of the following: C/C++ or Python or Java.
  • 4 years of experience with security design, implementation, or assessment.
  • 4 years of experience in leading advanced security testing including penetration testing, web application and web service security, Android/iOS security, cryptography, blockchain technology, hardware security, kernel hacking and reverse engineering.
  • Must have demonstrable experience leading teams.
  • BA/BS in Computer Science, Computer Engineering, Information Security, Technology or related field.
  • Up to 10% travel expected

Preferred Requirements:

  • 5+ years of programming experience in any of the following: C/C++ or Python or Java.
  • 5+ years of consulting experience
  • BA/BS in Computer Science, Computer Engineering, Information Security, Technology or related field.
  • Public-facing research in areas of expertise (e.g. conference talks, tool development, blog posts)
  • 2+ years of experience with popular cloud platforms (AWSP/Azure/OCI)

SECURITY ANALYST

Summary

As a Sr. Security Analyst, you will help your team evaluate customers' products and applications security levels and recommend ways to develop more secure solutions. These could include operating systems, mobile frameworks, embedded devices, and cloud based solutions. Successful Senior Security Analyst can apply their technical and security training and expertise to multiple domains, are comfortable working in and with teams, and possess an unending curiosity about technology.

The ideal candidate will be able to work with their client team to achieve the right balance between our customers' business needs and security requirements.

Responsibilities

  • Identifies customer security vulnerabilities
  • Delivers concise technical work and advice to customers and other staff members
  • Helps customers develop secure applications
  • Creates security analysis reports and other relevant customer-faced documentation.

Required Qualifications

  • 2 years of programming experience in any of the following: C++, .Net, Java
  • 1 years of experience (or appropriate relevant coursework) with security design, implementation, or assessment. Security firm internships can substitute for the equivalent experience.
  • Understanding of at least three of the following: security advanced security areas: cryptography, fuzzing, hardware security, kernel hacking, and reverse engineering
  • Must have demonstrable experience participating in small teams
  • Excellent written and oral communication skills
  • Associate's degree or above

Preferred Qualifications

  • Proven experience with vulnerability discovery and responsible disclosure
  • Academic or professional consulting experience and background
  • History of contributing to open source projects or attending relevant professional conferences
  • Bachelor's degree in relevant specialty

///////*********Any query please call on *****//////////////

- provided by Dice

 
Apply Now

Share

Free eBook

Flash-bkgn
Loader2 Processing ...