Security Quality Engineer
Company: The MathWorks, Inc.
Location: Natick, MA
Posted on: February 1, 2021
Job Description:
Working under the direction of the Manager or Senior Team Lead,
will be responsible for designing and developing sophisticated
testing software to support application security; developing
software testing applications to address security requirements
during all aspects of the MathWorks application development process;
applying security testing methodologies to perform product security
testing including penetration testing, threat modeling,
vulnerability assessment, and security feature validation;
developing test infrastructure and tooling; authoring automated
tests to detect security bugs; developing development security
standards, influencing projects during all phases of the software
development life cycle (SDLC), using application vulnerability
assessment tools, and performing secure code reviews; providing
security insight during the design, development, test, and release
of MathWorks core products; adhering to application security
standards; performing application vulnerability assessments;
conducting web application security scans, analyzing the results
for false positives, prioritizing vulnerabilities, and researching
and proposing remediation steps; participating in application
design and architecture reviews; and advocating for security
requirements during all phases of the SDLC.
Education and Experience:
Master's degree or higher (or foreign education equivalent) in
Engineering, Computer Science, Information Technology and
Management, Information Security, or Information Assurance and no
experience. OR
Bachelor's degree (or foreign education equivalent) in
Engineering, Computer Science, Information Technology and
Management, Information Security, or Information Assurance and five
(5) years of experience in job offered or five (5) years of
experience assessing and testing software security.
Special Requirements:
Demonstrated expertise performing web application security
assessments using AppScan, Veracode, OWASP ZAP, or Burp Suite.
Demonstrated expertise in web application development using
Java, Ruby on Rails, and JavaScript.
Demonstrated expertise enhancing software application security
using Python scripting and component analysis security tools --
JFrog Xray, Black Duck, OWASP Dependency Check, or Snyk; performing
version control and continuous integration; and in software
configuration management and version control system management
including analysis and implementation of branching strategies using
Git, Perforce or SVN.
Demonstrated expertise troubleshooting security policies for
application reverse proxies using F5, NGINX, or Fiddler; and
designing security standards and fixing security vulnerabilities
during all phases of the SDLC. [Expertise may be gained during Graduate program.]
For the position listed above, interested candidates may search
by job code 25155 for specific job details and requirements and
apply online on the Careers Page at
https://www.mathworks.com/company/jobs/opportunities.html