Job Details

IT & Security Product Specialist

Company Apply Now

Kramer

Published

2021-01-07

Closes

2021-03-08

Location

Jerusalem, Yerushalayim, Israel

Category

Software and Programming, Other

Type

Full-time

Description

The position primarily deals with the end-to-end security of assigned products and working closely with R&D staff in achieving product and security objectives.

 Requires deep understanding in key aspects of the hardware, software, protocols, cloud and related infrastructure technology stack as well as familiarity with security best practices and methodologies.

 Responsibilities:

Perform architecture reviews as part of product security process
Perform security risk assessments and penetration tests
Contributes to security requirements/use cases development
Influencing product features and roadmaps
Manage and implement security in assigned products
Support in security compliance/regulatory documentation
Building capabilities, tools, and help automate where possible driving improvements to product security process and practices
Lead vulnerability/incident assessment in alignment with security vision

Qualifications (demonstrated competence):

  • Bachelor’s Degree
  • 4-5 years of experience in security space, preferably in product - hardware, software, cloud or mobile app development space
  • Industry experience in a regulatory environment (a plus)
  • The ability to fluently read, write, understand, and communicate in English
  • Demonstrable knowledge and experience in one or more of the following areas:
  • Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards.
  • Experience leading secure architecture, design, and code reviews
  • Operating Systems: Windows/Linux/Ubuntu/Android
  • Cloud Containers, security controls for IaaS, PaaS, Serverless: AWS, Google Cloud Platform, Azure, identity and Management, Encryption/data protection, Key Management, Software security, cloud development areas
  • Direct development experience in languages including C/C++ (x86 or ARM), Python, and Java; Go or Swift experience desirable
  • Secure Development Processes including threat modeling, security requirements, test automation, vulnerability management etc.
  • Familiarity with security vulnerability detection and security test automation tools such as Qualys, Nessus, Burp Suite, metasploit, and Klocwork.
  • Excellent written and verbal communication skills; must understand and be able to deliver security concepts and challenges to various levels within the organization (e.g. developers, program management, business leaders)
    • System security engineering
    • Embedded device security
    • Application or system hardening
    • Security Testing / Penetration Testing
    • Cloud security
    • Cryptography

 Preferred Qualifications:

  • CEH: Certified Ethical Hacker
  • CISM: Certified Information Security Manager
  • CompTIA Security+
  • CISSP: Certified Information Systems Security Professional
  • CISA: Certified Information Security Auditor