T*I
2 楼
Our Information Security (Infosec) Team is responsible for the security of
company's people, infrastructure, and customer deployments around the globe.
Infosec Engineers are highly motivated team players with a dedication to
security and technology. They thrive on solving problems and tackling new
challenges.
As an Application Security Engineer, you will act as both a builder,
creating tools to help our engineers write more secure code, and a breaker,
performing penetration tests of internally developed applications.
RESPONSIBILITIES
Consult with internal teams to assist in design, threat modeling, and
reviewing security-critical code
Conduct periodic penetration tests of internal applications with up to
several million lines of code
Plan, build, and deploy infrastructure to help our engineers detect and
remediate vulnerabilities automatically
Work with external vendors to support 3rd party security reviews
REQUIREMENTS
Expert-level knowledge in Python, Java, or Go
Strong familiarity with OWASP top 10 web vulnerabilities and the ability to
explain them
Expert with ZAP, Burp, or another intercepting proxy
Knowledge of the role of static and dynamic analysis in a robust security
testing suite
PREFERRED
Experience in evaluating the choice and implementation of cryptography
Experience in evaluating the security of mobile applications on iOS and
Android
Experience in evaluating the security of applications
Experience in integrating WAFs as part of a defensible application stack
Experience with fuzzing
Experience with threat modeling, especially STRIDE
请发简历到[email protected]
/* */
我可以直接和HIRING MANAGER推荐。
另外,这个工作地点在santa clara,可以sponsor H1B和申请绿卡
company's people, infrastructure, and customer deployments around the globe.
Infosec Engineers are highly motivated team players with a dedication to
security and technology. They thrive on solving problems and tackling new
challenges.
As an Application Security Engineer, you will act as both a builder,
creating tools to help our engineers write more secure code, and a breaker,
performing penetration tests of internally developed applications.
RESPONSIBILITIES
Consult with internal teams to assist in design, threat modeling, and
reviewing security-critical code
Conduct periodic penetration tests of internal applications with up to
several million lines of code
Plan, build, and deploy infrastructure to help our engineers detect and
remediate vulnerabilities automatically
Work with external vendors to support 3rd party security reviews
REQUIREMENTS
Expert-level knowledge in Python, Java, or Go
Strong familiarity with OWASP top 10 web vulnerabilities and the ability to
explain them
Expert with ZAP, Burp, or another intercepting proxy
Knowledge of the role of static and dynamic analysis in a robust security
testing suite
PREFERRED
Experience in evaluating the choice and implementation of cryptography
Experience in evaluating the security of mobile applications on iOS and
Android
Experience in evaluating the security of applications
Experience in integrating WAFs as part of a defensible application stack
Experience with fuzzing
Experience with threat modeling, especially STRIDE
请发简历到[email protected]
/* */
我可以直接和HIRING MANAGER推荐。
另外,这个工作地点在santa clara,可以sponsor H1B和申请绿卡
相关阅读
[转载] virus求救!!!!有没有办法屏蔽自己机器的ip呀NORTON和MCAFEE哪个好?[转载] purdueefcu.com safe enough?[转载] 现在哪个防火墙比较好?请教:有通过http port80来破坏server的病毒吗?紧急求助!QQ上的病毒传上了我的电脑!怎么每次MSN6.0用的端口不一样啊?buhb.exe?标 题: norton 2004 求救请教一下,message service是什么东东[转载] 今天收到陌生email不要打开Re: 刚才吓坏了有什么办法入侵BBS系统吗?SoBig.F help-- how to kill this worm????问题求助[转载] Junk E-mail in Office2k3如何知道自己自己是否被hacker利用? ---网络流出量大于流入量,是怎么回事儿?