Information Security Analyst - III

29 Mar 2024

Vacancy expired!

Job Title: Product Security Engineer - Penetration Tester

Location: 100% Remote

Duration: 12 months (possible extension) Description: Looking for a Product Security Penetration Tester/Engineer to join our team.
  • Perform formal penetration testing of products and solutions including remediation planning and solution identification
  • Perform Threat Modeling Vulnerability Management process and tools for all developed products/services/solutions
  • Research document and discuss security findings with management and product management teams
  • Perform design and implementation security reviews for all products and ensure adoption of product security framework and policies
  • Provide feedback and verification of remediation for the identified vulnerabilities
  • Provide clear and concise reporting of vulnerabilities and defects with potential resolutions and recommendations.
  • Track and report adherence to product security requirements throughout software development lifecycle pre- and post-commercialization
  • Propose and evaluate innovative new security features that could benefit our products
  • Develop technical solutions to address security weaknesses and collaborate with relevant stakeholders to effectively implement them in our products
  • Assist with security incident response as needed
  • May perform other duties as identified
MUST HAVE SKILLS:
  • Expertise in conducting application security assessments covering threat modeling design reviews project management and in-depth implementation audits.
  • A minimum of 2 to 5 years of industry experience in security and development
  • Solid foundation in formal penetration testing ethical hacking of embedded systems web applications and complex networked system
  • Demonstrate knowledge of product security requirements and secure coding standards e.g. NIST SP 800-53 ISO/IEC 27001 OWASP SEI CERT and MS Secure Coding Standards
DESIRED SKILLS:
  • Demonstrates thorough abilities and/or a proven record of success in the following areas:
  • Engaging business and technology stakeholders at all levels to gather long term goals and requirements
  • Demonstrating hands-on engineering experience with enterprise security technology
  • Contributing to a central technology service organization
  • Navigating a matrix organization
  • Collaborating with multiple stakeholders across functional and technical skill sets.
EDUCATION/CERTIFICATIONS:
  • Ideal candidate will have BS or MS in Computer Science Information Security or equivalent experience
  • Offensive Security Certified Expert OSCE or an Offensive Security Certified Professional OSCP
Pay Range: $52 - $58 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment.

  • ID: #49581736
  • State: New Jersey Bernards 00000 Bernards USA
  • City: Bernards
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2023-03-29
  • Deadline: 2023-05-27
  • Category: Et cetera