Dell Product/Application Security Engineer in Round Rock, Texas
Product/Application Security Engineer
Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
The Security Engineer will join the Product Security Incident Response Team (PSIRT), part of Dell’s Product Security Office in Round Rock, TX or Hopkinton, MA. This role will identify and resolve vulnerabilities in Dell products.
The Dell Product Security Office offers a unique opportunity to join a very talented team involved in the progressive business of developing, building and delivering leading edge product security practices and standards.
Perform analysis on the vulnerability reports as submitted by the finder (customers, third party security researchers and research organizations) and work with engineering organizations to verify the existence of the vulnerability
Communicate the nature and severity of the vulnerability and work with the various engineering organizations to determine the impact on Dell product(s)
Provide technical subject matter expertise to engineering organizations on common application security vulnerabilities, how to prevent them and how to test for them
Assist the engineering organizations in interpreting the results of penetration testing and vulnerability scanning tools such as IBM AppScan, Burp, Nessus, Qualys, etc.
Work with the engineering organizations to test the fixes for identified vulnerabilities
Assist with technical communication with security researchers and research organizations during lifecycle of vulnerability response
Apply Common Vulnerability Scoring System (CVSS) for assessing the severity of security vulnerabilities
Perform mapping of Dell product vulnerabilities to Common Weakness Enumeration (CWE) and industry resources such as OWASP Top 10, CWE/SANS TOP 25 Most Dangerous Software Errors etc.
Conduct technical root cause analysis on Dell product vulnerabilities and coordinate with internal resources to create a technical position statement on these for Dell engineering organization consumption
Bachelor’s degree in Computer Science, Information Systems, or a related field
5+ years of experience, specifically in Application Security, Security Operations, and Incident Response
In-depth knowledge of several security domains and understanding of relevant software lifecycle domains
Understanding of Security Development Lifecycle (SDL) practices such as threat modeling, security testing, code reviews, etc.
Experience in application security and code reviews are required
In depth knowledge of OWASP Top 10, CWE/SANS TOP 25 Most Dangerous Software Errors
In depth knowledge of CVSSv3 and CWE
Experience in security incident response is preferred
Experience in penetration testing is preferred
Experience in software development is preferred (C/C++, Java, Python)
SANS/GIAC, CSSLP certifications preferred
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
If you can ensure the highest level of security for our customers, this is your opportunity to develop with Dell.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here .