This job ad has been posted over 30 days ago...
10
applicants
Senior Security Engineer - Product Security Engineering
at Citrix (Anywhere) (Published at 18-08-2011)
The Citrix Platform Security Engineering team is looking for an experienced application security specialist, this role involves a variety of security activities ranging from the execution of a secure development lifecycle process through to technical and risk analysis of potential product vulnerabilities and exploits. The candidate will have the opportunity to work on a wide range of products, including core Citrix application and server virtualization technologies, and will be working within a well established team of security engineers.
The ideal candidate will be a technically oriented security engineer with a proven track record in application level security analysis, including design, source code, and binary level reviews. Additional desirable skills and experience include: commercial software development experience, specific technical knowledge of Operating Systems internals and security mechanisms, and hands-on experience building or executing a secure development process.
The main focus of the candidate will be to work with Citrix engineering teams and other security specialists to uphold the level of security in Citrix products; this will involve conducting detailed technical security analysis of specific components as well as working with engineering teams to provide general application security guidance and advice. Candidates may also be involved in several other aspects of the overall secure development process.
Qualifications and Requirements
Primary Responsibilities:
百ecurity analysis of product architecture, design, and implementation.
肘dentification and analysis of potential security vulnerabilities.
肘dentifying and driving longer term product and process improvements.
筆aking technical and business recommendations to product teams.
柊nalysis of customer reported security issues.
姫roviding technical guidance and security training to development teams.
謬echnical risk assessment.
標riting and reviewing product security bulletins.
Required:
疋etailed knowledge of common software vulnerabilities.
柊bility to derive and apply creative attack techniques.
柊bility to analyse potential vulnerabilities to determine if an exploit is feasible.
髭xperience deriving threat models or attack trees.
柊bility to identify and implement longer term product and process improvements.
柊bility to analyse the risk presented by potential vulnerabilities.
柊bility to clearly and effectively communicate with engineers and management.
稗achelors degree in Computer Science or related field.
Desirable:
匹ISSP, CSSLP, or GIAC certifications.
疋etailed, low-level, technical knowledge of Windows, Unix, or Linux operating systems.
菱ands-on software development experience.
百olid understanding of C/C++ development on Windows or Unix platforms.
膝ood understanding of Java or .Net and related tools and technologies.
髭xperience developing and testing web based applications.
髭xperience with static code or binary analysis tools.
百olid understanding of common networking protocols: TCP, IP, UDP, HTTP, SSL.
膝ood understanding of virtualization and related technologies and security risks.
姫rior experience with Citrix products.
Note: Applications have been closed
The ideal candidate will be a technically oriented security engineer with a proven track record in application level security analysis, including design, source code, and binary level reviews. Additional desirable skills and experience include: commercial software development experience, specific technical knowledge of Operating Systems internals and security mechanisms, and hands-on experience building or executing a secure development process.
The main focus of the candidate will be to work with Citrix engineering teams and other security specialists to uphold the level of security in Citrix products; this will involve conducting detailed technical security analysis of specific components as well as working with engineering teams to provide general application security guidance and advice. Candidates may also be involved in several other aspects of the overall secure development process.
Qualifications and Requirements
Primary Responsibilities:
百ecurity analysis of product architecture, design, and implementation.
肘dentification and analysis of potential security vulnerabilities.
肘dentifying and driving longer term product and process improvements.
筆aking technical and business recommendations to product teams.
柊nalysis of customer reported security issues.
姫roviding technical guidance and security training to development teams.
謬echnical risk assessment.
標riting and reviewing product security bulletins.
Required:
疋etailed knowledge of common software vulnerabilities.
柊bility to derive and apply creative attack techniques.
柊bility to analyse potential vulnerabilities to determine if an exploit is feasible.
髭xperience deriving threat models or attack trees.
柊bility to identify and implement longer term product and process improvements.
柊bility to analyse the risk presented by potential vulnerabilities.
柊bility to clearly and effectively communicate with engineers and management.
稗achelors degree in Computer Science or related field.
Desirable:
匹ISSP, CSSLP, or GIAC certifications.
疋etailed, low-level, technical knowledge of Windows, Unix, or Linux operating systems.
菱ands-on software development experience.
百olid understanding of C/C++ development on Windows or Unix platforms.
膝ood understanding of Java or .Net and related tools and technologies.
髭xperience developing and testing web based applications.
髭xperience with static code or binary analysis tools.
百olid understanding of common networking protocols: TCP, IP, UDP, HTTP, SSL.
膝ood understanding of virtualization and related technologies and security risks.
姫rior experience with Citrix products.
Note: Applications have been closed