Senior Security Architect Description
HP-s world class platform team producing -World-s Most Secure and Manageable PCs- is looking for a proactive, diligent team player from a security architecture and product development background with the ability to work seamlessly across multiple teams and functions in HP, interfacing with senior system architects, technologists and engineers who possess a diverse set of skills ranging from academic research through to product development. They will have an interest in cyber security and system security trends, and be able to identify the applications of these for securing the diverse set of PC Platform capabilities, such as hardware, firmware, software for security, manageability, cloud based services and applications, etc. Join us to help improve the privacy and security of millions of HP customers all over the world. In this highly visible and challenging position, you will oversee - and continually enhance - all facets of the software security assurance process used by the HP Business PC organization. Responsibilities
Education and Experience
- Manage, improve, and expand the secure software design and development processes for all HP Business PC products.
- Review and evaluate designs and project activities to ensure secure development best practices.
- Lead development of security design (secure design protocol using security principles) for a wide ranging projects and solutions for internal and external projects.
- Provide security leadership and evangelization for internal teams and outward to other HP business units.
- Drive innovation and integration of new security technologies and processes into development team projects and activities.
- Provide guidance and mentoring to early career staff members.
- Develop in-house tools to aid in testing application security effectiveness.
- Help team to design a workflow for handling security assessments.
- Understand and work with team to implement security test methodologies.
- Must be able to assess application security threats and provide mitigations.
- Bachelor's degree in Computer Science, Information Systems, or equivalent is desired. All applicants with applicable experience will be considered.
- 6+ years writing software in C/C++, C#, or Java.
- Knowledge of a scripting language preferably Python or PowerShell.
- Experience performing code reviews and mentoring/guiding team members.
- Excellent English written and verbal communication skills
- Should have the ability to transfer complicated technical information to non-technical personnel
- Understanding of CVSS v2 and v3, vulnerabilities, exploits, payloads and evasions
- Knowledge in reverse engineering and debugging application binaries with IDA Pro
- Familiarity with tools such as Metasploit, Nessus, Nmap, Tcpdump, Wireshark and Burp Suite
- Proven ability to think out of the box and find vulnerabilities in software and hardware
- CISSP certification a plus