Software Security Research Engineer - AppSec

AppSec, Security, SCA, Static Code Analysis
Full Time
Depends On Experience
Work from home not available Travel not required

Job Description

Micro Focus Fortify is seeking an energetic, self-driven enterprise Software Security Researcher who understands that security is more than firewalls and encryption. Software security is becoming a bigger concern as more and more organizations are experiencing embarrassing public incidents with large losses of data. We re looking for people to:

  • Expand the security content and capabilities of Micro Focus Fortify Products
  • Improve Fortify s ability to communicate with and educate customers about security issues
  • Publish and present Fortify s research and other relevant security topics
  • Follow trends in software security and assess their significance
  • Investigate and implement techniques for exploiting security vulnerabilities
  • Discover new methods for automatic identification of vulnerabilities
  • Extract the essence of known vulnerabilities to shape products of the future
  • Identify new vulnerabilities in open source projects and customer code

The Software Security Research (SSR) team specializes in approaching security from the perspective of how we build and use software. SSR is responsible for conducting security research which leads to enhanced security products as well as contributions to the Micro Focus Security Research Blog, whitepapers, conference presentations, and annual Cyber Risk Report.

SSR in the past has identified new types of software vulnerabilities, defined the taxonomy used by all Fortify products and highlighted broad security problems in development practices. The team regularly speaks about these topics at major industry conferences, such as RSA, BlackHat, DefCon, and OWASP APPSEC.

In addition, the SSR team is responsible for quarterly releases of security content for Enterprise Security Fortify products (Static Code Analyzer, WebInspect, Fortify on Demand, Application Defender, and Software Security Center Server).These updates expand the types of issues detected and platforms and libraries supported. Content updates are driven by customer needs and the SSR team s broader research agenda, allowing the Fortify products to keep up with a rapidly evolving development and security landscape.

Required Skills:

  • Bachelors/Masters/PhD in Computer Science/Engineering
  • 6+ years systems/software experience with strong focus in enterprise security.
  • Proficient in multiple programming languages (e.g. C#/ASP.NET, Java, C/C++, Objective-C, SWIFT)
  • Strong technical communication skills
  • Interest in software security and secure development
  • Exposure to common security software flaws

Preferred Skills:

  • Proficient in scripting languages (e.g. Ruby, Python, JavaScript)
  • Source code auditing experience (especially Fortify SCA)
  • Experience working in a large enterprise software development environment
Dice Id : 91109223
Position Id : 7007023
Originally Posted : 2 months ago
Have a Job? Post it

Similar Positions

Security EngineerBHJOB11946_440254
  • CVPartners in Technology
  • Pleasanton, CA
Sr. Web application Security Engineer
  • Adroit Resources
  • Fremont, CA
Sr. Security Engineer
  • Bayside Solutions
  • Campbell,ca, CA
Senior Web App Security Engineer
  • Tailored Brands
  • Fremont, CA
Vulnerability Management Engineer/Analyst
  • aumkaara Inc.
  • Sunnyvale, CA
Sr. Security Analyst
  • Kforce Technology Staffing
  • San Ramon, CA
Java Security Engineer
  • Virtusa
  • San Jose, CA
Data Security Engineer
  • cPrime, Inc.
  • San Jose, CA
Jr. Security Analyst / Engineer
  • WaveStrong, Inc.
  • Pleasanton, CA
Information Security analyst
  • Headway Tek Inc
  • Austin, TX
Technical Security Analyst
  • Staffing Headquarters LLC.
  • Sunnyvale, CA
Senior Web App Security Engineer
  • Tailored Shared Services
  • Fremont, CA
Senior Web App Security Engineer
  • Capital Markets Placement
  • Ca
Security Analyst
  • Softsol Resources Inc
  • Pleasanton, California