Senior Security Engineer (PT)

  • Competitive
  • Singapour, Singapore
  • CDI, Plein-temps
  • Morgan McKinley Singapore
  • 12 nov. 18

Senior Security Engineer (PT)

Responsibilities:

  • This team provides coverage on weekends and weekdays during waking hours in each region.
  • Identification and remediation of high priority web application/environment security issues, including:
    • Screening potential issues
    • Providing remediation guidance
    • Conducting validations of potential fixes or mitigations
    • Providing risk and impact assessments of vulnerabilities or proposed mitigations
  • Supporting other 24/7 Information Security teams with application security expertise
  • Conducting security architecture review of the full stack including applications built on cloud and emerging technologies
  • Conducting manual application security testing and source code auditing for a variety of technologies
  • Providing clear and detailed risk assessment and remediation guidelines for developers and business owners
  • Conducting penetration testing targeting critical data, services, and environments; reporting underlying security issues and proposing improved security protections
  • Security research on the latest standard methodologies, trends, threats and vulnerabilities, and technology frameworks
  • Documenting and disseminating security guidelines for common security issues, remediation mentorship, and security technology baselines
  • Developing tools and exploits to support application security review and/or penetration testing
  • There may be occasional travel to meet other team members in other regions.

Requirements:
  • BS in Computer Engineering with specialization in Information Security or 4+ years of equivalent, hands-on information security experience in a large enterprise environments a plus.
  • Experience in manual testing web applications or enterprise penetration testing
  • Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, Objective C)
  • Proficiency in either Mac OS X and/or other flavors of UNIX Ability to explain basic networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application architecture feedback Background in web application development and/or code auditing strongly preferred
  • Strong verbal & written skills
  • Passion for discovering and researching new vulnerabilities and exploitation techniques