Senior Application Security Engineer 6/4/2020
JOB DESCRIPTIONAPPLY At Synopsys, we re at the heart of the innovations that change the way we work and play. Self-driving cars. Artificial Intelligence. The cloud. 5G. The Internet of Things. These breakthroughs are ushering in the Era of Smart Everything. And we re powering it all with the world s most advanced technologies for chip design and software security. If you share our passion for innovation, we want to meet you.
Our Software Security and Quality business is all about building secure software faster. That starts with our static analysis, software composition analysis, and dynamic analysis so our customers can build security and quality into the DNA of their code at any stage of the software development lifecycle and across the supply chain. All while minimizing risks and maximizing speed of application development. To find out more about teh business, check out https://www.synopsys.com/software-integrity.html.
Senior Application Security Engineer
We help organizations around the globe secure and manage open source in their applications and containers. Open source use is growing rapidly and so is Synopsys!
As a Senior Application Security Engineer for product security, you will be responsible for product security efforts which includes support security integration in our SDLC process and participating in the vulnerability response and remediation.The ideal candidate is a self-motivated idea generator with previous experience in this type of role with a strong verbal and interpersonal communicator with a positive attitude.
* 3+ years of experience in industry, 1+ years in a security role
* Familiarity with Docker containers
* Experience working within CI/CD tool ecosystems
* In-depth knowledge of security concepts
* Knowledgeable in identifying and remediating web application vulnerabilities including OWASP Top 10
* Knowledge of security tools are beneficial like: Burp Proxy, Firebug, Nmap, AppScan
* Attacker mindset: Passion for breaking into secure web application
* Familiarity with security tools category such as static analysis, dynamic analysis
* Bachelor s or master s degree in computer security or related fields
* Works with product teams to perform design and code review
* Develops new automation and tooling to improve the detection and prevention capabilities
* Evaluates application security tools for internal consumption
* Identifies, reports and fixes security specific technical debt
* Maintains and updates a Threat Model of their product
* Researches weaknesses and finds ways to counter them
* Participates in the vulnerability management process and a contact for Product Security Incident Response Team issues
* Coordinates with Product Security and Release Management to ensure comprehensive security testing is completed and be the first line of triage of results
* Looks for areas to take initiative in filling security gaps where appropriate
Inclusion and Diversity are important to us. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability.