Security Tester/Engineer

Reports to: Director of Security Services

Description: Responsible for participating in security design reviews, security code reviews, security testing and security research. These activities will include the following tasks:Threat modeling Test planning Application penetration testing through a UI, API or over a network Manual and automated code analysis Tools development In depth understanding of customer technologies and examination of security risks Research and whitepaper creation on relevant security topics

Specific Responsibilities:Work closely with other engineers to perform reviews and tests on Embedded platforms, Web and conventional applications Use a combination of manual and automated techniques to assess risks and crack the security of devices and applications Create threat models that result in more secure application design Design and develop security testing scenarios Analyzes results of testing sessions and presents results to team members and manager Write problem reports and test plan documents as needed

Qualifications:B.S. Degree in Computer Science or equivalent experience is a plus Strong knowledge of design, development and testing techniques Knowledge of specific attack types and common security bug categories is a plus Knowledge of a variety of programming languages (C/C++, Java/J2EE, .NET) Strong capacity to debug application and security issues Thorough knowledge of the Windows OS (XP, NT, Win2K etc.) as well as Linux and Unix variants Experience presenting to or training technical audiences a plus Technical writing experience a plus

Reports to: Director of Security Services

Description: Responsible for participating in security design reviews, security code reviews, security testing and security research. These activities will include the following tasks:Threat modeling Test planning Application penetration testing through a UI, API or over a network Manual and automated code analysis Tools development In depth understanding of customer technologies and examination of security risks Research and whitepaper creation on relevant security topics

Specific Responsibilities:Work closely with other engineers to perform reviews and tests on Embedded platforms, Web and conventional applications Use a combination of manual and automated techniques to assess risks and crack the security of devices and applications Create threat models that result in more secure application design Design and develop security testing scenarios Analyzes results of testing sessions and presents results to team members and manager Write problem reports and test plan documents as needed

Qualifications:B.S. Degree in Computer Science or equivalent experience is a plus Strong knowledge of design, development and testing techniques Knowledge of specific attack types and common security bug categories is a plus Knowledge of a variety of programming languages (C/C++, Java/J2EE, .NET) Strong capacity to debug application and security issues Thorough knowledge of the Windows OS (XP, NT, Win2K etc.) as well as Linux and Unix variants Experience presenting to or training technical audiences a plus Technical writing experience a plus