Dell Sr Engineer, Prod Security Eng in Bangalore, India

Job Description:

Senior Security Engineer

PRINCIPAL DUTIES AND RESPONSIBILITIES

  • Help product teams harden their systems, at the OS level, employing techniques such as configuring SSH, and password complexity. Experience with STIG/SRGs is a plus

  • Write scripts to help product teams harden and validate the hardening of their systems

  • Help product teams configure SSL/TLS using appropriate cryptographic algorithms

  • Collaborate with the SCAP community to build out XCCDF and OVAL files to provide automated scanning and hardening capabilities

  • Help product teams select the right code analysis tools and the right configuration based on product and languages used in the product

  • Help the product team triage tool generated reports and prioritize the resolution of the issues

  • Help product teams create a threat model and identify threats based on the attack surface

  • In all interactions use the engagement with the product teams to educate and mentor them so they become self-sufficient

  • Understand prevalent security vulnerabilities such as authentication bypass, command injection and cross-site request forgery, their impact, and their efficient remediation.

  • Develop solutions to complex problems that require the frequent use of creativity. Uses judgment within broadly defined policies and practices. Anticipates change and directs or redirects efforts.

Skills

  1. Experience with system hardening. Experience with DISA SRGs and STIGs is a big plus

  2. Working knowledge of applied cryptography (hashing, PKI, some of the different algorithms and ability to explain their correct use is a MUST ).

  3. Strong and proven competency in secure coding in multiple languages, at least one scripted and one compiled language

  4. Prior experience with Static or Runtime code analysis, including tools such as Fortify and Coverity

  5. Working knowledge of Web UI applications , Web frameworks (Spring, Angular JS, Node JS, etc.) and the OWASP top 10. Experience with Zap, Burp is a big plus

  6. Familiarity with the Linux and Windows platforms. Admin experience is a big plus.

  7. Have an understanding of secure software development practices including threat modeling, secure design principles, secure coding, code analysis, and security testing.

  8. Strong written and spoken communication skills.

  9. Ability to work with diverse and global teams.

Experience Required:

5-7 Years

EMC Values:

When you choose our company, you join a diverse world of innovative thought leaders. At our core is a commitment to workplace diversity, the sustainability of our planet, and community corporate involvement. We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities-all to create a compelling and rewarding work environment.

Critical Hiring Criteria:

Functional Area(s):

Engineering - Software

Business:

EMC GES

Business Unit:

100 - EMC CORPORATE

Location:

India - Bangalore

AutoReqId:

181587BR