Principal Security Engineer- Digital 14, Abu Dhabi, UAE
In This Role, You Will
Co-ordinate with other teams to gather proper requirements for testing and complete due-diligence
Handling Multiple projects simultaneously
Coordinate medium/large security testing projects
Review scope and findings of other team members
Helping other team members to bypass in place security controls whenever required
Analyse applications to understand how they work, where they have weaknesses and demonstrate how identified vulnerabilities can be exploited by developing Proof-of-Concepts
Make a difference by conducting research on new techniques, security mitigations and identifying zero-day vulnerabilities
Mentor and coach colleagues on technical topics.
Assist management with certain requests
Join a diverse team of passionate security experts as a valued member
Perform peer-review
Develop custom scripts for vulnerability discovery during projects
Write comprehensive security assessment reports for developers and upper management
Collaborate with a great team of security experts and work in a lab environment
Propose mitigations for the security vulnerabilities identified in the Digital14 products
Perform security reviews of requirements, design specifications, and code
Raise awareness of our developers to security best practices
Work closely with our Engineering teams to gain in-depth knowledge of our systems
Offer support to engineering team to fix the identified security defects and/or security incidents.
Consistently deliver on commitments on time and with quality
Interest to further deepen product security expertise
To bring your dream to life, you will need:
A degree in Computer Science, Computer Engineering or Electrical Engineering or obtained relevant security certifications
10+ years of experience as a Penetration Tester (application/platform level)
Highly skilled in aread of exploit development and Memory related attacks
Low level skills such as Kernal/OS internals testing,fuzzing etc required
Tool development experience (candidate's github/blogs profile may be requested)
Deep understanding of various software security vulnerabilities, threats and attack vectors on different environments, and reverse engineering
Experience in software and/or devices such as Operating Systems, ICS, smart cards, web servers, Smartphones, email servers, web applications, clients and readers etc.
Software development experience in any of these languages: C/C++, C#, Java, JavaScript, PHP, Objective C)
Strong foundation in computer architecture, network, web technologies, Operating Systems or embedded systems
Understanding of iOS or Android Internals on Application as well as OS/kernel level
Has an understanding of the internals on iOS such as IPC (Mach, XPC), Code Signing, Sandboxing, dyld shared cache etc
Experience in binary analysis, debugging and exploit development and the relevant mitigation techniques for various class of vulnerabilities
Understanding of cryptography, protocol analysis, threat modeling, vulnerability research and fuzzing
Foundation in iOS/Android development of native, web and hybrid apps
Experience of working with secure coding methodology, best practices and their implementation within engineering teams
Strong foundations in computer architecture, network, web technologies, Operating Systems or embedded systems
Excellent written and verbal communication skills; including the ability to convey highly technical information to non-technical audience
Desired Qualifications
Candidate should have public track record of reporting critical/high 0-days vulnerabilities / Public talks in conferences / Article / Research papers
Understanding and experience on various cybersecurity technologies on Microservices and DevSecOps practices
Understanding and hands-on experience in API security , Open source software Security (SCA) and Service mesh, CI-CD pipeline and various tools used
Experience with modern development practices and tools like git, Kubernetes, Elasticsearch etc.
Experience with threat modelling frameworks such as STRIDE PASTA and VAST
Experience working with Security Maturity Model framework (e.g. BSIMM, SAMM, BSA)
Apply Here:
https://endi.fa.em8.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/job/489
========================================================================
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
You may also submit your CV here >>>>>>>>
https://www.dubai-forever.com/submit-your-cv.html
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Join general, and category-specific WhatsApp jobs groups to be notified of the latest jobs in the Middle East.
Navigate here, to read more:
https://www.dubai-forever.com/whatsapp-jobs.html
UAE/KSA/Oman/Qatar/Kuwait/Bahrain
No comments:
Post a Comment