Security Analyst / Product Security Engineer (Software) (m/f/d)
Aktuelle Original-Stellenanzeige
Quelle: StudySmarter Stellenbestand · Status: aktiv · Bewerbung über das zentrale StudySmarter-Formular.
Die ganze Ausschreibung von Advantest
Automatisch strukturiert · Originaltext unformatiert geliefert
Das ist der Job
Identify and analyze security vulnerabilities in the software stack (C++, Java, Linux environment).
Darum lohnt es sich
Investigate reported vulnerabilities or security incidents affecting the software and coordinate root cause analysis and remediation with development teams.
Support development teams in implementing security controls, such as: authentication and authorization mechanisms secure use of cryptographic functions protection against common software vulnerabilities Define requirements and concepts for secure software updates and software integrity protection.
Act as security advisor for development teams, helping them design and implement secure solutions.
OWASP, NIST, ISO/IEC security practices) Collaboration Ability to work closely with software architects and development teams Ability to translate security and regulatory requirements into practical development guidelines Strong analytical and problem-solving skills Ability to communicate security risks and recommendations clearly #J-18808-Ljbffr Responsibilities Define and maintain the security architecture of the tester software platform, primarily focusing on Linux workstation software.
Translate Cyber Resilience Act (CRA) essential cybersecurity requirements into concrete software development practices and product requirements. Perform threat modeling and security risk analysis for the software architecture, interfaces, and external integrations.
Establish and maintain secure development practices, including: secure coding guidelines security-focused code reviews use of static and dependency security analysis tools Monitor security advisories and vulnerability databases (e.g., CVEs) for third-party libraries, Linux components, and external dependencies used by the product.
Define and maintain processes for vulnerability handling and disclosure, including tracking, prioritization, and remediation. Contribute to security documentation required for CRA compliance, including risk assessments and security-related product documentation.
Assess security implications of executing customer-provided test programs and define safeguards such as sandboxing, permissions, or execution isolation.
Software Security Strong understanding of secure software design and architecture Experience with secure development practices for large software systems Knowledge of common software vulnerabilities and mitigation techniques (e.g., OWASP Top 10, memory safety issues) Familiarity with security aspects of C++ and Java development Understanding of Linux operating system security concepts Security Engineering Experience with threat modeling and security risk analysis Familiarity with security testing techniques, such as static analysis, dependency scanning, and vulnerability analysis Ability to analyze vulnerability reports and determine product impact Experience with investigating software defects and root causes Standards and Compliance Understanding of Cyber Resilience Act (CRA) requirements for software products Knowledge of secure development lifecycle (SDL) practices Familiarity with industry security standards and guidelines (e.g.
Bereit?
Bewerbung wird direkt an Advantest uebergeben - kein Konto noetig.