Senior Security Engineer - Testing And Assessment

Smartthings Minneapolis , MN 55415

Posted 5 months ago

Did your things make you go "wow" today? At SmartThings, we are dedicated to making every home a Smart Home - and as the IoT platform of Samsung, with millions of users and connected devices, we are well on our way. We strive to create an easy-to-use, secure, and above all intelligent IoT solution for the home that delights our customers. Our fun, intelligent, and creative teams need your help to make our things a little more connected, and a lot smarter.

We're SmartThings, a Samsung-owned company operating independently from offices in Mountain View, CA and Minneapolis, MN, and we're creating the easiest way for anyone to turn their home into a smart home.

Like the smartphone revolution before it, we believe that smart homes are going to have a massive impact on how we interact with the world around us. As the things in our homes wake up, allow us to control them, and are able to automatically react to our needs and preferences, it will become easier to secure our homes, save energy, and stay connected to loved ones. Once the smart home technology spills into larger communities and countries, the potential to reduce global emissions, improve service industries, and create a safer, smarter planet will be within our reach.

Internet of Things is going mainstream and transforming the life of millions of people world-wide. The implications of IoT are huge as it will unify every'thing' everywhere to solve real-life problems for home users as well as whole industries and beyond. IoT and home automation are the biggest innovations that have transformed the way we live. There is a huge opportunity for InfoSec practitioners to shape the security aspects of IoT as it is evolving and there is no better place to do that than Samsung SmartThings. SmartThings is seeking a highly skilled and experienced Security Engineer to join our team. SmartThings cloud architecture is also evolving rapidly with growth of its user base, partner integrations and new features. The Security Architect will support our ecosystem, its expansion, migration to micro-services architecture and growing list of new features to ensure assets of SmartThings and its users are protected at all the time.

Responsibilities:

  • Perform security research, analysis, and testing via threat modeling, vulnerability assessment, penetration testing, and/or social engineering across a wide variety of applications, platforms and systems.

  • Clearly outline and document risk impacts of test findings in reports.

  • Conduct read-out sessions to present findings to bring all stakeholders to a common understanding of the security issues, its impact and remediation plan.

  • Test, triage and drive remediation of security issues reported by external parties.

  • Troubleshoot and handle security incidents in production.

  • Educate engineering/DevOps/IT teams on best security practices.

  • Ability to lead projects that are not fully defined and influence direction as appropriate.

  • Influence on projects and team.

  • Understand how work fits into larger projects.

  • Proactively identify areas for improvements. Strategy within team area, and clearly communicate action plans across teams.

  • Mentor other engineers and lead technical onboarding.

  • Ability to work within established infrastructure and quickly become familiar.

  • Constantly demonstrate most if not all of our Core Values.

Requirements:

  • 3+ years of experience in a similar role

  • BS degree in Computer Science, Information Security, or similar discipline

  • Experienced and proficient with the common tools associated with penetration testing.

  • Prior security testing and assessment experience in an IoT environment and/or embedded devices is highly preferred.

  • Able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms

  • Desirable certifications: OSCP, GPEN, OSCE

  • Software development experience to build security tools, libraries, proof-of-concepts, hands-on educational labs is preferred

Take your career to the next level at SmartThings ....... APPLY TODAY!


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Info Security Engineer 4

Wells Fargo

Posted 6 days ago

VIEW JOBS 7/18/2019 12:00:00 AM 2019-10-16T00:00 Job Description At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members. This position is part of the Appliance/HSM Management & Engineering Team within Information Protection Technologies (IPT), providing end to end management of all appliances/HSMs for multiple data protection/encryption solutions within the Wells Fargo Enterprise Information Security (EIS) organization. This position provides Tier 3 support and engineering for multiple data protection technologies deployed across Wells Fargo networks, applications, public key infrastructure and authentication services. The person selected for this position will work with partner Engineering Teams on identification and remediation of security vulnerabilities, and may also conduct risk assessments of Infrastructure to ensure compliance with corporate security policies and adherence to best practices. Performs access, configuration change and health monitoring of appliances/HSMs, which may include reviewing logs, writing scripts for automation of tasks and taking other technical actions required to keep Infrastructure healthy and highly available. This role will also participate in the research, analysis, design, testing and implementation of complex data protection technologies alongside other teams within our organization. The position includes periodic 24/7 on-call support rotation and some evening work will be required. May provide technical guidance to less experienced staff. Given the nature of the encryption technologies, the team environment is very fast paced and requires the ability to drive to solutions as an individual and to work effectively with the team as well. Telecommuting option available for this role, however onsite Data Center visits will be needed to complete hands' on activities with the infrastructure. Required Qualifications * 5+ years of information security applications and systems experience * 5+ years of experience with Linux operating system engineering or automation * 2+ years of Windows or Linux scripting experience * 1+ years of experience with encryption/decryption and transfer of data Desired Qualifications * Advanced Information Security technical skills * Ability to manage complex issues and develop solutions * Excellent verbal and written communication skills * Certified Information Systems Security Professional (CISSP) * Knowledge and understanding of cryptography and key management * Knowledge and understanding of technology server: file encryption technology, encryption key management and information security policies * Digital certificate management experience * Knowledge and understanding of leveraging and administering digital certificates, and keys for authentication and encryption * Knowledge and understanding of Python, Ruby, PowerShell, and Shell scripting * Knowledge and understanding of Splunk * Ability to coordinate completion of multiple tasks and meet aggressive time frames * Customer service experience * Experience facilitating meetings with team members in various remote locations Other Desired Qualifications * Engineering knowledge & experience with encryption HSM products such as Gemalto/SafeNet, Thales/nCipher, FutureX * Advanced problem solving and technical troubleshooting capabilities * Ability to be a self-starter and function individually in a fast paced environment * Ability to manage complex issues and develop solutions * Must be organized and have rigorous attention to detail * Proven written and verbal communication skills with both Business/Management and Technical/Engineering resources Job Expectations * Ability to lift 50+ pounds Street Address MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo Minneapolis MN

Senior Security Engineer - Testing And Assessment

Smartthings