Dell SecureWorks is a market leading provider of world-class information security services with over 2,700 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on Del SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned in the Leader's Quadrant of Gartner's Magic Quadrant for MSSPs, Dell SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008 & 2009.

 

As a result of our market leadership, Dell SecureWorks is experiencing rapid growth in all aspects of our security business, including Engineering Operations.  Our Software Security & Open Source Engineer will play a crucial role in assuring software security and open source software management standards in our engineering practices. The successful candidate will have an opportunity to provide thought leadership, guidance and hands-on support to our engineering, product management, compliance, and information security teams.

 

The role will involve ensuring that the Dell SecureWorks software security strategy is aligned with our business strategy; it will involve collaborating with product managers, software engineers and other technical leaders to develop and optimize our software architecture in order to rapidly develop responses in an ever-changing threat landscape.   It will involve providing guidance and governance on how open source and third party software components are used, and ensuring that using these components will not introduce security risks, nor compromise our intellectual property.

 

Responsibilities will include:

--         Preparation, delivery and ongoing refinement of software security standards

--         Specification of secure design principles based on industry best practices

--         Development of secure coding practices for software contributors

--         Identification and promotion of security training opportunities for the engineering staff

--         Assistance with integration of proprietary and vendor tools for security testing and code scanning, resulting in actionable vulnerability assessments

--         Collaboration with architects to develop application security architectures

--         Specification and optimization of open source and third-party usage guidelines

--         Implementation and curation of open source and third party software components

--         Utilization of Open Source License Management Solutions and Open Source Auditing services

--         Collaborating with the legal team on open source software licensing

--         Designing and implementing workflow associated with identifying, analyzing and approving software artifacts that utilize open source components.

--         Establishing strong working relationships with internal security, compliance and legal teams.

Required Technical Qualification: 3+ years of experience in the following areas:

--         Designing secure systems

--         Writing secure code

--         Using automated security code scanning tools (within continuous integration systems)

--         Utilizing automated security scanning tools to evaluate software systems

--         Experience with threat modeling

--         Industry standards and best practices around security such as OWASP

--         Implementing security best practices

--         Familiarity with open source utilization including licensing

--         Programming experience in two or more of web technologies, C++ and Java

--         Advanced level skills in Linux

--         Nice to have: Security certifications such as GSSP and CISSP

--         Nice to have: Familiarity with compliance controls such as HIPAA and PCI

--         Nice to have: Familiarity with Open Source Licensing practices

Personal Attributes

--         Excellent analytical, conceptual, and problem-solving abilities.

--         Technical support documentation skills.

--         Presentation and interpersonal skills.

--         Strong written and oral communication skills.

--         Ability to research issues, standards and products as required.

--         Ability to assist in effectively prioritizing and executing tasks in a high-pressure environment.

--         Experience working in a team-oriented, collaborative environment.

 

Education

--         Minimum of BS in Computer Science or hard engineering degree or equivalent.

--         Technical training through vendors, security conferences and continuing education.

 

 " DCAM1"