Product Security Engineer – Penetration Testing
Location: Hopkinton, MA or Round Rock, TX
Dell provides the technology that transforms the way we all work and live. But we are more than a technology company — we are a people company. We inspire, challenge and respect every one of our over 100,000 employees. We also provide them with unparalleled growth and development opportunities. We can’t wait for you to discover this for yourself as a Product Security Engineer-Penetration Testing on our Product & Application Security team.
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
As a Product Security Engineer, you will play a crucial role in ensuring the security of our products and applications using offensive security best practices. The Product Security Engineer will join Dell’s Product & Application Security Organization as a member of our Secure Development Lifecycle (SDL) team. The SDL is a strategic program for consistently building demonstrably resilient software across Dell’s diverse product and technology portfolio – ranging from firmware to cloud-based solutions.
Principal Duties and Responsibilities:
- Shares application security testing knowledge and builds security integration tools with product engineers
- Leads security testing engagements with product teams and mentors engineers on security testing methodologies and techniques
- Collaborates with developers and testing/quality engineers to provide solutions for discovered security issues and provides product teams with scripts, tools and testing strategies
- Documents and shares with the product teams the issues discovered, including the steps to reproduce and mitigate them
- Writes custom tools that can help product teams conduct efficient security testing
- Leads security testing workshops to teach other engineers at Dell how to find security issues in products
- Documents generic test cases for publication in Product Security knowledgebase
- Collaborates and contributes to security testing community across the company to share best practices
- Proactively identifies new testing tools that help advance security testing
- Bachelor’s degree in Computer Science, Computer Engineering or related field with 8+ years relevant experience; or Master’s degree with 6+ years relevant experience; or equivalent experience
- Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10, SANS/CWE top 25 and vulnerability scanning
- Experience with penetration testing tools (e.g. Kali Linux, Burp Suite, etc.)
- Ability to think like an attacker and make sure that Dell EMC products are ready to stand up to current and future attacks
- Subject Matter Expert on software vulnerability types and exploitation
- Knowledge of how to test code and applications across various platforms (Linux, Windows, etc.) for security issues
- Knowledge of at least one programming or scripting language such as Python, Java, C, Ruby, etc.
- Strong understanding of the network stack including ports and protocols
- Good presentation & documentation skills
- Ability to articulate business impact of software security problems
- Certifications such as OSCP, CEH a bonus
- Knowledge of fuzz testing frameworks
- Master's degree in Information Security or similar technical field desirable
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
If you can ensure the highest level of security for our customers, this is your opportunity to develop with Dell.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here.