Define security requirements and checklist for IoT platforms.
Champion the Clients product security SDLC. This includes threat modeling, security testing, penetration testing, security code reviews, and secure design/architecture reviews, and identifying and fixing vulnerabilities in software and applications.
Perform vulnerability research, assessment and management, serve as technical security/risk advisor on all new technology/developed by the Client.
Provide architectural guidance and leadership on best practices regarding security in software development, IoT platform, mobile application, user interface design frameworks, high performance messaging solutions, server-side development, integrations and tools and technologies.
Work across SW/HW engineering, production, and operations teams and ODM/OEM to identify component and system level security risks, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines.
Work with corporate security governance team to comply with internal SLA and policies.
Mentor junior Security Engineers.
Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions.
12+ years of experience in security research, product security, and/or software engineering.
Demonstrated expertise in cryptographic algorithms and protocols.
Demonstrated expertise in network protocols.
Demonstrated expertise in end-to-end software architecture.
Proficiency in programming languages - Java, C/C++.
Proficiency in Secure Boot and Trusted Execution Environment (TEE).
Ability to present complex security topics to wide range of internal and internal audiences (engineers to executives).
Strong project planning and execution skills.
Excellent written & oral communication skills and coordination with peers, end-users, and management.
Good analytical and debugging skills; creative ability, good organizational skills.
CISSP or equivalent certification.
Proficiency in audio and video streaming protocols.
VIEW JOBS10/5/2020 12:00:00 AM2021-01-03T00:00Security Architect
UST Global® is looking for a Security Architect to perform architecture reviews (e.g.; assess technical; business process and information architecture; categorize risk; determine vulnerability; apply security models and templates; look for potential threats; identify right level of engagement based on risk ).. The candidate must possess excellent written and verbal communication skills with the ability and collaborate effectively with domain and technical experts in the team.
As a Analyst-Program/Project; you will be responsible for:
1. Perform architecture reviews (e.g.; assess technical; business process and information architecture; categorize risk; determine vulnerability; apply security models and templates; look for potential threats; identify right level of engagement based on risk ).
2. Interpreting Business & Security Requirements. Security Risk Analysis & Planning. Evaluate vendor products for security requirements.
3. Evaluates and makes recommendations on technology effectiveness. Manage issue resolution with vendors on security issues.
4. Establish and maintain policy on security architecture; communicate best practices and guidelines. Respond to arch and service review requests; engage in structured dialogue around business strategy and goals and implications for risk/ security.
5. Flexible to adjust to changing business needs
1. Mobile device security best practices; endpoint posture assessment; device management and cloud integration capabilities
2. Security fundamentals with a solid understanding of threats; vulnerabilities; risks; defenses; security principles and policies
3. Strong foundation in network security technologies such as firewalls; remote access; application security; device hardening; intrusion detection and prevention; network segmentation; encryption; mobility; collaboration; etc..UST GlobalSan JoseCA
VIEW JOBS4/23/2020 12:00:00 AM2020-07-22T00:00Come build with us. Our Security Team is growing and this is your chance to make an impact. Nutanix is disrupting the multi-billion dollar Enterprise Cloud market by groundbreaking the first converged compute & storage virtualization appliance that can incrementally scale out to handle petabytes of data while running tens of thousands of virtual machines.
Are you an adept Product Security Architect with broad expertise in cloud services and software products for the enterprise? If so, our Xi Cloud Services Reliability Engineering team is looking for you. This role requires experience on the security side of Product Engineering.
At Nutanix, we lead with Security and compliance. Our Cloud Reliability Engineering Product team focuses on building secure and compliant products and services for both On Premise and Cloud.
* Product Engineering:You will represent the Product Security and SDL team within the PMO, Release Management, and individual Product and Program Management teams directly. These responsibilities will include driving Security and Compliance priorities within product, oversight of security-related development or features in conjunction with the SDL team, and reporting of status to leadership.
* Security Consulting: Teams will expect you to help them in understanding and exploring technical fixes for complex security issues identified through design review, static code analysis, dynamic code analysis, penetration testing, bug bounty programs, and third-party library scanning.
* Emerging Security Research: Connect with the security community and being on the forefront of emerging threats against product and cloud services. This includes researching externally found vulnerabilities and exploits as well as performing security research.
* Product Compliance:Understand and be able to consume various compliance requirements from a technical perspective and drive product teams to resolution or mitigation of required controls. Work closely with internal Compliance Program team in technical alignment, vetting and reporting.
* Vulnerability Discovery and Build Automation:Assist teams with resources as they set up automated (build-integrated) security tools. You will not be primary on this activity but should be able to assist and point teams in the right direction.
* Automation: Be comfortable with scripting and automation, using bash, python, and similar. This would not be your "day job," but we're looking for people who think automation first.
* Partnership and Communication:Collaborate with the engineering groups to advise on secure architecture/design, attack surface area reduction, least privileged design, threat mitigations, and security standard methodologies. Educating the company on vulnerabilities & exploits with proof of concepts.
* BS or MS in Computer Science or a related field.
* Product Security Architecture and Engineering experience is a must.
* 15+ years of experience in security and software engineering.
* Strong knowledge in web protocols, operating systems (preferably Linux), hypervisors and distributed systems architecture.
* Deep understanding of security vulnerabilities and attacks and the ability to apply them or find new ones based on new technology being developed.
* Experience with Rest APIs (swagger, postman, etc), SDLC, OWASP, SAML, Oauth2, and vulnerability frameworks
* Working experience with one of the following programming languages: Java, C++/C, Go, or Python
* Experience with Configuration, design, and architect application/cloud security products
* Knowledge of CentOS Linux
* Audit experience is desirable
* Distributed systems and cloud services experience is desirable.
We're an equal opportunity employer
Nutanix is an Equal Employment Opportunity and (in the U.S.) an Affirmative Action employer. Qualified applicants are considered for employment opportunities without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, protected veteran status, disability status or any other category protected by applicable law. We hire and promote individuals solely on the basis of qualifications for the job to be filled.
We strive to foster an inclusive working environment that enables all our Nutants to be themselves and to do great work in a safe and welcoming environment, free of unlawful discrimination, intimidation or harassment.
VIEW JOBS10/16/2020 12:00:00 AM2021-01-14T00:00Zoom is an award-winning workplace. We have been recognized by Comparably as #1 CEO, Company Happiness, Benefits, Compensation, Diversity, and more! Not to mention we've been awarded by Glassdoor as the 2nd Best US workplace & Best Large Company US CEO in 2018, Wealthfront, and Business Insider. Our culture focuses on delivering happiness, our commitment to transparency, and the tangible benefits we provide our employees and our customers.
The Distinguished Security Architect role at Zoom is a senior level role reporting directly to the Global Solution Engineering Leader. The Distinguished Security Architect is responsible for shaping and executing strategic priorities for the SE organization to help scale the larger Zoom SE team.
This role is someone who is viewed as both a domain and industry expert in their field of expertise. They possess deep technical knowledge and ability and will be tasked with the most demanding projects and design requirements. They will serve as an escalation point for the Global Solution Engineering organization.
This person will consult with sales, product management, engineering, marketing and other cross functional departments to drive strategic and tactical planning, execution of the key initiatives needed to drive sales, competitive strategy, and cross architectural technology leadership. They will also serve as a technical architectural interface for the larger Global Solution Engineering organization.
As a Distinguished Architect you will be:
* Leading the technology expertise with specific focus on security
* Engaging with engineering and product teams to drive security framework and best practice
* Identifying gaps in security design and reviewing proposed architecture with an aim to recommend changes or enhancements
* Driving organization and leadership of SE subject matter expert team
* Prioritizing customer product requirements and requests
* Engaging with product management on roadmap, release and development
* Leading technical solution design, testing, implementation, testing, certification
* Providing technical thought leadership and industry influence
* Advising senior leadership on emerging technologies and solutions
* Leading strategic technical engagements directly with customers
* Conducting internal and external technical training and labs
* Developing whitepapers, tech notes, competitive documents and guides
* Developing, building and maintaining SE knowledge base / repository
* Leading knowledge share sessions with as required
There will be travel required in the territory stated above. We will greatly promote the use of the amazing Zoom tools we have to maximize all the resources at Zoom.
* Cloud security architecture expertise
* Cryptographic methods and implementation expertise
* Industry knowledge of relevant security/compliance frameworks (ISO 270001, SOC2, NIST, FedRAMP, etc)
* Subject matter expert with the ability to cross train other individuals as required
* The ability to identify risks and work with relevant parties towards resolution
* Domain expertise in one or more of the following subjects: Chat, Meetings, Video, Voice, SIP/SBC/Peering, API/Marketplace, FedRAMP
* Minimum 15 years experience in the communications and/or software applications industry with a specific focus on security
* Virtual Desktop Infrastructure knowledge is beneficial (Citrix, VMware etc.)
* Ability to design, develop content and deliver technical trainings
* Create, present and document technical solutions
* End-to-end IT systems knowledge
* Industry expert level solution sales ability
* Ability to apply IT Systems knowledge to customer solution design
* Formulate and communicate a technical solution / vision
* Understand Zoom partner and ecosystem partners, products and applications
* Mentor developing team members
* Act as a leader when the situation warrants
* Be flexible and able to function in a high growth environment
* 15+ years of technical experience in Security technologies
* 10+ years in a customer facing technical role required
* Thorough competitive knowledge (in their area of specialization) including solution, technology and product offerings
* Zoom Communication platform and end-to-end positioning required
* Typically requires BS/BA (EE/CS) or equivalent
* Preference given for holding expert level collaboration certification or patent
Zoom Video Communications Company Culture Highlights:
* Winner of Comparably's Award for Best Company Work-Life Balance 2019
* Winner of Comparably's Award for Best Company Compensation 2019
* Winner of Comparably's Award for Best Company Happiness 2019
* Winner of Comparably's Award for Best Company Perks & Benefits 2019
* Sales Department is ranked in the top 5% of companies for Diversity on Comparably.
* Zoom Video Communications is ranked in the top 5% of companies for Professional Development on Comparably.
* Zoom Video Communications is ranked in the top 5% of companies for Overall Culture on Comparably.
Check us out on Comparably: https://www.comparably.com/companies/zoom-video-communications.
Check us out with a free download: zoom.us/download
Zoom Video Communications is an equal opportunity employer and evaluates applicants regardless of an individual's age, race, color, gender, religion, national origin, sexual orientation, disability or veteran status. Our combined differences are what make us Zoom!