Location: Plano Texas (This is an on-site job and need local candidates only)
Contract to Hire: Long-term, extended or converted based on performance
Job Description:
Product Security Testing Software Engineer
In this role candidates will play a pivotal role in shaping the overall cyber security posture for client.
As a software engineer with the Product Security Team, candidates will be responsible for leading and developing advanced security tooling for current and forward-model systems throughout client's Connected Car ecosystem.
Responsibilities:
Lead and perform development of security test tooling that directly supports the team's validation and verification efforts
Maintain and support several existing projects, improving overall code quality
Design and develop complex software infrastructure to support DevSecOps and automated regression analysis
Engage with other stakeholders in code reviews and audits
Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniques
Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical or functional security areas
Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risks
Qualifications:
Bachelor's degree (or higher) in Electrical Engineering, Computer Engineering, Computer Science, Cybersecurity or related is strongly desired
Proficient in Python, JavaScript, C and C development
Experience with reverse engineering and binary analysis methods and tools (e.g., IDA Pro, Ghidra)
Knowledge of compiler concepts, compilation lifecycle and intermediate products
Knowledge and experience using static and dynamic binary analysis techniques
Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competence
Additional Valued Attributes:
Experience with core security concepts, embedded security best practices (e.g., secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities
Experience working with React or Angular is a plus
Experience performing code audit or review efforts
Experience working or leading in Agile development workflow
Experience in designing, developing, and debugging embedded security applications is a plus
Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101
Experience in security research, vulnerability generation
Knowledge or experience with binary symbolic analysis and fuzzing frameworks (e.g. angr, BAP, AFL)
Experience with vulnerability analysis using CVSS scoring and CWE types
Experience with vulnerability management process (from proof-of-concept to remediation)
Top three skills:
Python
Git or git hub
Agile methodologies
Other Important Notes:
Candidate must have strong experience in software development
Must have solid experience in software solution architecting or prototyping
Must have strong experience in technical agility
The job title is Product Security Testing Software Engineer, but the primary responsibility of the candidate is a software development (Programming). Client is looking for someone who is a software engineer also, who knows security testing better
Must have strong experience in security or Cyber security
This is an on-site job and need local candidates only
As an Associate - Product Security Engineer within the Cybersecurity Technology Controls Organization, you serve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Carry out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions in support of the firm\'s business objectives.
