Thursday, May 25, 2017

Information Security Engineer

Information Security Engineer – BMCSJP00008470

  • Security Engineer will work in BMC’s R&D Security Group responsible all product security including secure software development lifecycle, application & SaaS security, security testing, security architecture review, threat modeling, cloud security assessment, and cloud security architecture.
  • Security Engineer will also work closely with R&D engineers, security operations, and product leads in enhancing the overall product security posture. 

  • Perform security assessment of R&D products covering application, open source, infrastructure, and cloud 
  • Provide subject matter expertise of application and SaaS security 
  • Develop security policies, standards, procedures and guidelines related to product security and release management 
  • Implement necessary application security measures such as secure coding and security testing 
  • Implement necessary security tools to test, monitor and detect security events 

Qualifications Required
  • B.S. or MS in Computer Science or related field, or equivalent experience 
  • Experience in Java and C/C++ 
  • Meaningful experience in many of the following areas: 
    • Securing software products and SaaS apps 
    • Cloud security architecture & operations 
    • VMWare & AWS Security 
    • Cryptography, key management, authentication and authorization 
    • Red team operations 
    • Hardening operating systems and application infrastructure 
    • Threat and vulnerability management 
    • Dynamic and Static Application Security Testing 
  • Understanding and good working knowledge of Java software development 
  • Application development experience a definite plus 
  • Experience leading cross-functional, multi-site teams 
  • Experience working in fast paced, dynamic environment

Byron Fish
Technical Recruiter