Security Engineer I

Seattle, WA
Engineering (US) – Services /
Full-time /
Remote
Apply for this job
Must reference “Code 01887” in application question.  

****Telecommuting permitted, can perform duties anywhere in US.****Multiple openings.

Duties:

    • Work closely with other application security engineers to perform reviews and tests on Web and Conventional applications as well as embedded, firmware, mobile, and more.
    • Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications.
    • Create threat models that result in more secure application design.
    • Design and develop security testing scenarios.
    • Analyze and present results of testing to team members, managers, and customers.
    • Write detailed problem reports, test plan documents, and mitigation recommendations as needed.
    • Develop tools to aid penetration test automation and effectiveness.
    • Review code for common security vulnerabilities.

Other Special Skills or Requirements:

    • Education: Bachelor’s degree in Computer Science or related
    • Experience in conducting penetration tests for high profile customers or products; experience in working in R&D teams on fast paced, and high impact projects
    • Experience in performing low complexity and high complexity Web Application, Network and Cloud Penetration testing in an enterprise environment
    • Experience in writing and reviewing technical reports on vulnerabilities findings
    • Experience in communicating with clients about discovered vulnerabilities and participating in kick-off meetings
    • Experience in performing Threat modeling and architecture and design review of Web, Network and Cloud Services
    • Experience in conducting static and dynamic code analysis and review for various programming languages such as Python, Java, and JavaScript
    • Working knowledge of common security testing tools like Burp Suite, GNU Debugger, Ghidra, IDA, Ollydbg
    • Knowledge of common application security bugs, attack types, and mitigation strategies; solid understanding of networking fundamentals
    • Knowledge of reverse engineering techniques
    • Above average knowledge of Windows and/or Linux and Unix variants
    • Willingness to share knowledge and provide mentorship to other people
    • Solid understanding of system-level design such as memory allocation, assembly language, process control, and concurrent programming
    • Experience in developing tools to automate penetration testing process
    • Experience in participating in Capture-the-Flag events, and trained on security platforms such as Hack the Box, and Root Me
    • Knowledge of cloud infrastructure and performing cloud configuration reviews
    • Ability to conduct research on a technical topic and deliver presentations for a technical audience
    • Participated in security-related events such as Hacking Conferences, Bootcamps, and Meetups and contributed to Security Community.
Security Innovation is proud to offer the following:
 • Competitive salary and equitable salary structure
 • Flexible work from home and remote options
 • Unlimited paid time off, mental health days, and 12+ company holidays
 • Comprehensive Health, Dental, and Vision insurance options
 • Flex Spending and HSA options
 • 401k with immediate vesting and up to 6% match
 • Generous professional development budget
 • Professional certification, training, and conference opportunities
 • Ample engineer hardware budget
 • Culture focused on health & wellness, diversity, equity, and inclusion
Apply for this job
Jobs powered by Lever logo