Product Security Software Engineer - Plano, United States - eTeam Inc

Description

Job Title: Product Security Software Engineer

Location: Plano, TX

Pay Rate: $80/hr on W2

Duration: 12 Months + Extension

Description:

RM NOTES:

Top three skills:

• Python
• Git or git hub
• Agile methodologies

Other important notes:

• Candidate must have strong experience in software development
• Must have solid experience in software solution architecting/prototyping
• Must have strong experience in technical agility
• The job title is Product Security Testing Software Engineer, but the primary responsibility of the candidate is a software development (Programming). We are looking for someone who is a software engineer also, who knows security testing better
• Must have strong experience in security or Cyber security
• This is an on-site job and need local candidates only

Requirements:

• Product Security Testing Software Engineer:
• In this role you will play a pivotal role in shaping the overall cyber security posture for Toyota. As a software engineer with the Product Security Team, you will be responsible for leading and developing advanced security tooling for current and forward-model systems throughout Toyotas Connected Car ecosystem.

Responsibilities:

• Lead and perform development of security test tooling that directly supports the teams validation and verification efforts
• Maintain and support several existing projects, improving overall code quality
• Design and develop complex software infrastructure to support DevSecOps and automated regression analysis
• Engage with other stakeholders in code reviews and audits
• Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniques
• Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical/functional security areas
• Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risks

Qualifications:

• Bachelors degree (or higher) in Electrical Engineering, Computer Engineering, Computer Science, Cybersecurity or related is strongly desired
• Proficient in Python, JavaScript, C and C++ development
• Experience with reverse engineering and binary analysis methods and tools (e.g., IDA Pro, Ghidra)
• Knowledge of compiler concepts, compilation lifecycle and intermediate products
• Knowledge and experience using static and dynamic binary analysis techniques
• Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competence

Additional Valued Attributes:

• Experience with core security concepts, embedded security best practices (e.g., secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities
• Experience working with React or Angular is a plus
• Experience performing code audit or review efforts
• Experience working or leading in Agile development workflow
• Experience in designing, developing, and debugging embedded security applications is a plus
• Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101
• Experience in security research, vulnerability generation
• Knowledge or experience with binary symbolic analysis and fuzzing frameworks (e.g. angr, BAP, AFL)
• Experience with vulnerability analysis using CVSS scoring and CWE types
• Experience with vulnerability management process (from proof-of-concept to remediation)