Application Security Consultant – Dell Secureworks – Bucharest, Romania

Application Security Consultant – Dell Secureworks – Bucharest, Romania

Why work at Dell Secureworks?

Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.

Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview

The candidate must have a firm grasp of application threat modeling and evaluating code for software security vulnerabilities in cloud and mobile solutions, multi-tiered web-based and legacy client/server software solutions. This individual will perform both as an individual contributor as well as play a technical consulting role in providing secure development support and mentorship for a corporate-wide Product Security & Assurance Program

Main Responsibilities

• Provide prescriptive guidance and/or root cause analysis of code-level security vulnerabilities in software, to include 3rd-party components.
• Help guide security quality and risk remediation priorities for code-level software reviews.
• Maintain and help implement source code analysis workflow automation improvements
• Help inspect security vulnerabilities associated with open-source and 3rd-party functional libraries
• Assist with security review or creation of written technical guidance that prioritize and remediate software security defects.
• Create, update and maintain appropriate documentation including on-boarding processes and procedures, operational issue tracking and resolution reporting, ticket management and validation analysis checklists
• Work closely with your team members, development project managers, developers, and development operations, during software design through releases to insure a solid set of security requirements and analysis best practices.
• Partner with technology leads and IT Risk leaders to work through product and/or application security issues, resolution and approved remediation plans.
• Contribute to operational process improvements, aid adoption of secure development practices and capabilities designed to enable high quality software.
• Monitor, research, and resolve issue tickets in the product and application security support queue.
• Build and share knowledge in emerging software analysis technologies in the industry and it relates to the broader program focus.
  

Knowledge requirements

• 4+ years experience in administering software-centric security controls in an organization
• Advanced spoken /written English communications skills
• Languages: C#.Net, ASP.Net, Java, Objective-C, Javascript, Python, Curl, Perl and Windows PowerShell
• Excellent working knowledge of software security industry standards and development lifecycle methods – SEI/CMU, SAFECODE, MITRE - Common Weakness Enumeration – Vulnerability Trends, ISO/IEC 27034, CERT - Secure Coding Standards, OWASP Secure Coding Practices
• Software development and quality assurance testing experience
• IT Systems: SharePoint Administration; MS SQL & IIS Administration, and MySQL
• High proficiency with MS Office productivity applications and Visio
  

Preferences

• Experience with: Veracode, Coverity, HP Fortify, Checkmarx, AppScan, WebInspect Analysis solution
• HP Quality Center, Jira, Team Foundation Services software development lifecycle tools
• Application lifecycle management capabilities
• Threat Modeling tools (e.g. Microsoft SDL, STRIDE, PASTA, etc)
  

Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

LIPRIORITY
Job Function: Information Technology