Dell Sr Engineer, Prod Security Eng in Bangalore, India
Senior Security Engineer
PRINCIPAL DUTIES AND RESPONSIBILITIES
Help product teams harden their systems, at the OS level, employing techniques such as configuring SSH, and password complexity. Experience with STIG/SRGs is a plus
Write scripts to help product teams harden and validate the hardening of their systems
Help product teams configure SSL/TLS using appropriate cryptographic algorithms
Collaborate with the SCAP community to build out XCCDF and OVAL files to provide automated scanning and hardening capabilities
Help product teams select the right code analysis tools and the right configuration based on product and languages used in the product
Help the product team triage tool generated reports and prioritize the resolution of the issues
Help product teams create a threat model and identify threats based on the attack surface
In all interactions use the engagement with the product teams to educate and mentor them so they become self-sufficient
Understand prevalent security vulnerabilities such as authentication bypass, command injection and cross-site request forgery, their impact, and their efficient remediation.
Develop solutions to complex problems that require the frequent use of creativity. Uses judgment within broadly defined policies and practices. Anticipates change and directs or redirects efforts.
Experience with system hardening. Experience with DISA SRGs and STIGs is a big plus
Working knowledge of applied cryptography (hashing, PKI, some of the different algorithms and ability to explain their correct use is a MUST ).
Strong and proven competency in secure coding in multiple languages, at least one scripted and one compiled language
Prior experience with Static or Runtime code analysis, including tools such as Fortify and Coverity
Working knowledge of Web UI applications , Web frameworks (Spring, Angular JS, Node JS, etc.) and the OWASP top 10. Experience with Zap, Burp is a big plus
Familiarity with the Linux and Windows platforms. Admin experience is a big plus.
Have an understanding of secure software development practices including threat modeling, secure design principles, secure coding, code analysis, and security testing.
Strong written and spoken communication skills.
Ability to work with diverse and global teams.
When you choose our company, you join a diverse world of innovative thought leaders. At our core is a commitment to workplace diversity, the sustainability of our planet, and community corporate involvement. We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities-all to create a compelling and rewarding work environment.
Critical Hiring Criteria:
Engineering - Software
100 - EMC CORPORATE
India - Bangalore