Security Innovation is hiring a
Security Engineer

Summary

The job description is for a Security Engineer position in the Services team. The role involves application security, software vulnerabilities, and remote work. The candidate should have knowledge of common application security bugs, attack types, and mitigation strategies, networking fundamentals, coding skills, strong communication skills, and a B.S. in Computer Science or equivalent experience.

Requirements

• Knowledge of common application security bugs, attack types, and mitigation strategies
• Solid understanding of networking fundamentals
• Demonstrate an ability to code in one or more language
• Above average knowledge of Windows and/or Linux and Unix variants
• Willingness to learn new technologies
• Strong written and verbal communication skills
• B.S. in Computer Science, related degree, or equivalent experience

Responsibilities

• Work closely with other Application Security Engineers to perform reviews and tests on web and conventional applications as well as embedded, firmware, mobile, and more
• Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications
• Create threat models that result in more secure application design
• Design and develop security testing scenarios
• Analyze and present results of testing to team members, managers, and customers
• Write detailed problem reports, test plan documents, and mitigation recommendations as needed
• Develop tools to aid penetration test automation and effectiveness
• Review code for common security vulnerabilities
• Possible travel to client sites to conduct in-person security reviews and assessments

Preferred Qualifications

• Completed OSCP, OSWE, or a similar security certification
• Understanding of application design, development, and testing techniques
• Involved in Bug Bounty programs
• Participated in Capture the Flag events
• Working knowledge of common security testing tools like Burp Suite, SQLMap, Metasploit, Ghidra, IDA, etc
• Experience with embedded, firmware, and/or IoT technologies
• Experience with applied cryptography and/or blockchain
• Detail-oriented and dependable

Benefits

• Competitive salary and equitable salary structure
• Flexible work from home and remote options
• Unlimited paid time off, mental health days, and 12+ company holidays
• Comprehensive Health, Dental, and Vision insurance options
• Flex Spending and HSA options
• 401k with immediate vesting and up to 6% match
• Generous professional development budget
• Professional certification, training, and conference opportunities
• Ample engineer hardware budget
• Culture focused on health & wellness, diversity, equity, and inclusion