Vacancy expired!
Software Security Research Engineer (AppSec)
Job Description:Fortify is seeking a self-driven enterprise Software Security Researcher who understands that security is more than firewalls and encryption. Software security is becoming a bigger concern as more and more organizations are experiencing embarrassing public incidents with large losses of data. About Us: The Software Security Research (SSR) Team specializes in approaching security from the perspective of how we build and use software. SSR is responsible for conducting security research which leads to enhanced security products as well as contributions to the Micro Focus Security Research Blog, whitepapers, conference presentations, and annual Cyber Risk Report. SSR identifies new types of software vulnerabilities, defines the taxonomy used by all Fortify products, and highlights broad security problems in development practices. We're looking for people to:- Expand the security content and capabilities of Micro Focus Fortify Product
- Improve Fortify' s ability to communicate with and educate customers about security issues
- Publish and present Fortify' s research and other relevant security topics
- Follow trends in software security and assess their significance
- Investigate and implement techniques for exploiting security vulnerabilities
- Discover new methods for automatic identification of vulnerabilities
- Extract the essence of known vulnerabilities to shape products of the future
- Identify new vulnerabilities in open source projects and customer code
- Bachelors/Masters in Computer Science/Engineering/Cyber-Security
- 3 or more years' systems/software experience with a strong focus in enterprise security
- Experience with Infrastructure as Code and Cloud Native development (e.g. Ansible, Azure Resource Manager, AWS CloudFormation, Docker, Kubernetes, SaltStack, Terraform, etc.)
- Proficient in multiple programming languages (e.g. Java, C#/ASP.NET, C/C, Objective-C, SWIFT)
- Interest in software security and secure development
- Exposure to common security software flaws
- Extensive experience with multiple software systems design tools and languages
- Excellent analytical and problem solving skills
- Experience in overall architecture of software systems for products and solutions
- Designing and integrating software systems running on multiple platform types into overall architecture
- Evaluating forms and processes for software systems testing and methodology, including writing and execution of test plans, debugging, and testing scripts and tools
- Strong technical communication skills with the ability to effectively communicate product architectures and design proposals
- Proficient in scripting languages (e.g. Python, JavaScript, Ruby)
- Source code auditing experience (especially Fortify SCA)
- Experience working in a large enterprise software development environment
Vacancy expired!