Praca: Principal Device Offensive Security Engineer


Principal Device Offensive Security Engineer
[online recruitment]
Location: woj. łódzkie
Reference number: VR-60476
Project Description:

Our Video Collaboration products help companies stay connected and can be found in the conference rooms of some of the biggest businesses in the world. We are a small nimble group and we are growing our team. We create amazing experiences in the conference room using creative design, surprising science, and innovation. We love what we do because we are passionate about connecting people and we use the products we create every day to stay connected to our team.

We are looking for a Senior Device Security engineer who is interested in working across the entire technology stack; from device hardware, firmware, through mobile applications, communication protocols, and into back-end cloud software and infrastructure. We dont require full stack experience, but we do expect you to be a subject matter expert in at least one area.

Ideal candidates can come from many different backgrounds — you may be a software engineer who is passionate about security, a bug bounty researcher, have already worked in product security teams, or youve had experience working as a security consultant.

Product Security goes beyond finding and eliminating security vulnerabilities in our products; we want to stop them occurring in the first place. As a team, were passionate about root cause analysis; training and awareness; driving security in product road maps; and improving on core frameworks, infrastructure or detection tooling.

Responsibilities

Be Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. Leave your ego at the door when you come to work every day. These are the behaviors you’ll need for success at Project. In this role you will be responsible for:

Lead and mentor the team that will focus on offensive security

Develop plans for testing the various interfaces on the device including hardware and software

Identify best in class tools to accomplish the goals

Continuously improve our abilities to attack a device

Provide leadership in this domain

Skills
  • Must have performed penetration testing on IOT devices and other appliances running windows, Android, Linux and other operating systems

  • Deep knowledge of penetration testing of network interfaces like WiFI/Ethernet with tools and processes

  • Good knowledge of testing BT/BLE interfaces with tools and processes

  • Must have developed some custom tools and crafted custom messages to inject threats and assess how the device holds up

  • Good knowledge of the device boot process and how to assess and generate threats that can make the device fail to boot or modify the boot parameters that change the state of the device

  • Good understanding of modern operating systems Linux, Android, Yocto and what security mechanisms exist in the various components including known vulnerabilities

  • Advanced knowledge of revision control and code review tools like git, gerrit and build infrastructure like gradle, maven, jenkins

  • Advanced programming skills in scripting languages, Python, Bash etc

  • Good knowledge of pentesting cloud apis

  • Good knowledge of programming languages, C/C++/Java and how to write secure code

  • Advanced knowledge of cryptography cipher suites, PKI, symmetric and asymmetric cryptography

  • Good knowledge of how TLS sessions are established, how encryption works and how to protect/secure a network or infrastructure

Our offer
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Career and Professional Development
  • International projects for clients all over the world
  • Competitive salary
  • Individual development plan
  • Managerial Targeted Training programs
  • BRIDGE Mentoring Program
  • Luxoft Training Center
  • Language Classes
  • Self-learning online library
  • Global Relocation Program
  • Internal Mobility (a chance to gain experience in varied projects and technologies)
  • Professional communities for knowledge-sharing (Agile, Tech, Business)
Well-being
  • Group Life Insurance
  • Travel Insurance
  • Private Healthcare (dental care, unlimited consultations of specialist physicians)
  • Medical costs reimbursement for employees
  • Benefit Program (Cafeteria and Multisport Card)
Work-Life Balance
  • LuxGood Program (a wide range of health and well-being initiatives)
  • After-hours groups (sport, trips, board games, cultural activities)
  • Company and Team events
  • BeLux - discount offers program (banking, car leasing, other)
  • Convenient locations in modern offices
Please send your CV with consent for processing your personal data for recruitment purposes using the below button
APPLY
Informujemy, że administratorem danych jest Luxoft z siedzibą w Krakowie, ul. Bora Komorowskiego(dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie.
APLIKUJ TERAZ

Zobacz podobne oferty

NOKIA

łódzkie /
  • Location: Wrocław About the project Radio Frequency Software department is looking for motivated integration and verification professionals for the position of Verification Architect. We are a...

  • Dodane: wczoraj

NOKIA

łódzkie /
  • Location: Bydgoszcz Nokia is a global leader in the technologies that connect people and things. With state-of-the-art software, hardware and services for any type of network, Nokia is uniquely...

  • Dodane: wczoraj

Luxoft

łódzkie /
  • o Manage "Architecture & Security" Backlog in a scrum like manner o Design, review and challenge an infrastructure architecture, third party integrations o Provide security assessments and security...

  • Dodane: 2021-06-13

Luxoft

łódzkie /
  • Be Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. Leave your ego at the door when you come to work every day. These are the behaviours youll need for success...

  • Dodane: 2021-06-12