Principal Security Response Engineer

802.11, Analysis, Analytical Skills, Android, Architecture, Assembly, Bluetooth, CASE, Development, Embedded, Java, Lifecycle, Linux, Management, Metrics, Programming, Research, Security, Supervision, Windows, Wireless
Full Time
Telecommuting not available Travel not required

Job Description








Worker Sub-Type: Regular




Job Description:




Location: North America


Do you want to work for a company where security is the number one priority and not just an afterthought? At BlackBerry, we believe that being passionate about security means it starts during the product design phase, is implemented through the full stack of technology, and is consistently maintained with a robust patching strategy. Keeping our enterprise customers and end users BlackBerry Secure has been our top priority since our first security advisory in 2004 and is the heart and soul of what we do.


We are looking for security engineering researchers to join our Security Incident Response Team. You will primarily analyze the world’s most secure Android operating system, but will also kick the tires of our flagship UEM Unified Endpoint Management (aka BES) and get your hands dirty with Good, our container solution.


Come and join our rapidly growing team of Response Engineers; be a part of a high-powered and high-performing team that regularly works across the entire organization, with everyone from product teams to executives. Urgent escalations from enterprise customers, investigating open source vulnerabilities, working with security researchers and a regular patching cycle are all core to this role. The work is diverse, has executive visibility, and is ever changing.


POSITION SUMMARY


BlackBerry strives to build and maintain the most secure, trusted solutions possible. To continue our tradition of excellence, we are looking for individuals in the security space who are technically skilled, knowledgeable, passionate, and experienced to join BlackBerry.


The BlackBerry Security Incident Response Team (BBSIRT) is a center of excellence working to ensure the ongoing security of our products and services for customers and partners worldwide.


We are currently looking for security minded individuals to support our Secure Android Operating System and 30-day patching program and other efforts responding to emergent software-based cyber threats or incidents involving BlackBerry products and services. The successful candidate will work in a fast-paced, highly dynamic and challenging environment and will work with various teams across the organization to support vulnerability mitigation efforts, from identification of potential issues to analysis, mitigation, and related internal and external communications. The technical and threat landscape change constantly and this position would suit someone willing to continually learn while working on cutting edge technologies and handling multiple priorities.


The ideal candidate will already be able to build and manage relationships in a large, complex ecosystem but must be willing to grow this experience. The role centers on solving problems at the intersection of technology and people.


RESPONSIBILITIES

  • Directly support Android operating system vulnerability investigation, driving a monthly patching cycle, and open source software updates
  • Identify, track and report on emergent threats to the security of BlackBerry products, associated companies, and customers.
  • Work with research and engineering teams to provide in-depth technical analysis of security issues and work across the organization to support and ensure holistic remediation efforts. These are often time critical.
  • Triage code defect based issues and quantitatively evaluate risk using industry standard metrics such as CVSS.
  • Prioritize and coordinate case-specific response activities, driving timely and appropriate remediation of issues. Reporting the problem is not enough; solutions should be offered.
  • Track and report on remediation efforts
  • Cultivate strong working relationships with external researchers, reporting organizations and customers to ensure effective collaboration. Work with customer facing and internal teams to continually improve processes used to identify and fix product security issues
  • Continually deepen knowledge and skills in support of maintaining the security of BlackBerry customers.
  • Create effective communications for internal and external customers, working with others to ensure professional and accurate information delivered.


ESSENTIAL SKILLS AND QUALIFICATIONS

  • Strong system level Java/C++ programming and debugging experience
  • Ability to analyze code behavior down to assembly level language
  • Able to track and manage numerous parallel activities
  • Firm grasp of secure software development lifecycle
  • Holds a Bachelors degree, Masters degree or equivalent in a computer science/engineering OR related and relevant experience
  • Understands common classes of product security vulnerabilities and attack/defense methodologies deeply
  • Knowledge of the architecture of at least one common OS such as Android, Linux, Windows.
  • Knowledge of application security configuration and best practices
  • Experience with issue management as well as designing/defining proactive mitigation strategies
  • Strong written and verbal communication skills with both technical and non-technical audiences
  • Demonstrates advanced analytical skills
  • Cool under pressure, objective and diplomatic
  • Able to work collaboratively with minimal supervision as part of a multi-disciplinary team


ADDITIONAL ASSETS

  • Reverse engineering skills
  • Some knowledge of wireless communications security (802.11, Bluetooth, cellular data, etc.)
  • Personable – some customer contact will be needed
  • Ability to create proof of concept exploits for common types of vulnerability


If you're driven to take enterprise, mobile and embedded technologies to the next level, it's time you join the team at BlackBerry. We offer a challenging environment that fosters creativity and rewards excellence. Employees also have use of our award


#LI-DA1



Job Family Group Name: Product Development




Scheduled Weekly Hours: 40

Dice Id : 10112634
Position Id : 20161311
Have a Job? Post it