Dell Security Test Engineer in Hopkinton, Massachusetts

Security Test Engineer

Hopkinton, MA

Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.

The Security Test Engineer will join Dell’s Product Security Office to deliver critical initiatives.

The Dell Product Security Office offers a unique opportunity to join a very talented team involved in the progressive business of developing, building and delivering leading edge product security practices and standards.

Key Responsibilities

  • Responsible for strategically engaging product teams, sharing application security testing knowledge and building security integration tools with product engineers

  • Lead security testing engagements with product teams and mentor engineers on security testing methodologies and techniques

  • Work with developers and testing/quality engineers to provide solutions for discovered security issues and provide product teams with scripts, tools and testing strategy

  • Identify the “0-days” in DELL EMC products before anyone else does

  • Document issues discovered, including steps to reproduce and mitigate those issues

  • Write custom tools that can help product teams in doing efficient security testing

  • Lead security testing workshops to teach other engineers at Dell EMC how to find security issues in products

  • Document generic test cases for publication in Product Security knowledgebase

  • Identify and share Best Practices with security testing community across the company

  • Proactively identify new testing tools that help advance security testing

Essential Requirements

  • Master's degree or higher in Information Security or similar technical field

  • Certifications such as CEH, CISSP, Security+ a bonus

  • Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10, SANS/CWE top 25, and vulnerability scanning

  • Ability to understand and leverage reports from scanners such as IBM Appscan, Nessus, Qualys, and Twistlock

  • Proven experience in discovering authentication and authorization bypass defects

  • Experience in finding 0-days and writing exploit

  • Experience in extending the tools like ZAP, BURP…

  • Ability to think like an attacker and ensure that Dell EMC products are ready to stand up to current and future attacks

Desirable Requirements

  • Subject Matter Expert on software vulnerability types and exploitation

  • Knowledge of how to test code and applications across various platforms (Linux, Windows, etc.) for security issues

  • Knowledge of a minimum of one programming or scripting language, such as Python, Java, C, Ruby etc.

  • Strong understanding of the network stack, including ports and protocols

  • Experience performing application black-box and white-box penetration testing preferred

  • Knowledge of reversing patch & exploring 1-day exploits preferred

Benefits

We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.

If you can ensure the highest level of security for our customers, this is your opportunity to develop with Dell.

Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here .