|
|
吾爱游客
发表于 2014-12-16 21:39
招聘
| 公司名称: |
Blackboard 毕博中国 |
| 职位名称: |
Software Security Engineer软件安全工程 |
| 职位描述: |
Key Responsibilities
Provide advice and consultancy on risk assessment, identification of relevant threats (threat modeling) and fixing vulnerabilities
Share architectural and technical guidance with product development team while maintaining a thorough understanding of products
Master a solid understanding of the security architecture of the Blackboard Learn product suite.
Investigate and respond to third-party reported security vulnerabilities.
Coordinate security testing, including definition of scope, coverage, and management of cross-functional remediation plans.
Perform manual penetration testing and verification of Web 2.0 applications
Leverage automated security tool results to support manual analysis.
Lead source code review using static analysis tools for critical areas of the application
Provide guidance on the design and correct implementation of planned security controls such as encryption, log management, and authentication.
Develop prototypes of security features in the application
Design security test cases for both dynamic and static analysis testing tools to broadly assess the application
Contribute to security policy, standards, and guidelines
Develop training materials for general security awareness and specific security engineering training
Scripting experience to contribute to security testing automation.
Basic Qualifications
Bachelor's Degree in Computer Science or related field
Programming experience in Java and JavaScript
Knowledge of security testing tools and methodologies.
Minimum of 4 years experience with any combinations of the following: penetration testing, automation, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system and network security
Preferred Qualifications
Experience working collaboratively with engineers to provide design-level assessments of security risks and corresponding mitigating controls to ensure that privacy and security needs are met in user interface and technical design (security design reviews)
Experience performing security reviews on: RESTful web services, Java web applications, JSON, Server-side JavaScript (e.g. Node.js), jQuery
Familiarity with Blackboard Learn products
Technical knowledge in web server, application server, operating system and network security
Exhibit a proactive, solutions based and resourceful approach
Experience building scalable infrastructure software or distributed systems
Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
Strong sense of ownership, urgency, and drive
Sharp analytical abilities and proven design skills |
| 招聘人数: |
1 |
| 工作地点: |
上海浦东新区陆家嘴区域 |
| 薪水待遇: |
15-25k/M |
| 工作性质: |
全职 |
| 是否应届: |
非应届 |
| 性别要求: |
|
| 年龄要求: |
|
| 学历要求: |
- |
| 联系人: |
Yvonne Huang |
| 联系电话: |
021-22219759 |
| 邮箱: |
yvonne.huang@blackboard.com |
| QQ/微信: |
- |
| 公司网址: |
http://www.blackboard.com |
| 公司介绍: |
毕博致力于为中国教育市场提供全球领先的在线教育服务,依托赛尔网络及Blackboard公司在网络运营服务和在线教育技术平台及资源上的强大优势,为各类学校和教育培训机构提供拓展性极强的在线教育软件系列和全套服务解决方案。目前已为近300家中国用户提供产品和服务,涉及高等教育、基础教育、职业教育以及企业培训等各个方面。 |
| 有效期至: |
2014-12-31 |
Software Security Engineer III, Security Engineering
The Blackboard Learn Product Security Team is responsible for the security and availability of products offered by the Learn division including Blackboard Learn, Xythos, and ANGEL.
We are a collegial team looking for a Software Security Engineer with experience in building secure web applications to help ensure our web services, applications, and platform are designed and implemented to industry practices.
If you enjoy analyzing the security of applications and services, discovering and addressing security issues, collaborating with customers and employees worldwide, assessing designs against relevant security threats, this position will provide you with a challenging opportunity to learn and grow.
Bring your passion for learning, experimentation, and creative thinking!
Even if you don’t fit this description exactly, but you’ve got a great software development background having dealt with application security issues (like PCI compliance), please contact us too!
Key Responsibilities
Provide advice and consultancy on risk assessment, identification of relevant threats (threat modeling) and fixing vulnerabilities
Share architectural and technical guIDAnce with product development team while maintaining a thorough understanding of products
Master a solid understanding of the security architecture of the Blackboard Learn product suite.
Investigate and respond to third-party reported security vulnerabilities.
Coordinate security testing, including definition of scope, coverage, and management of cross-functional remediation plans.
Perform manual penetration testing and verification of Web 2.0 applications
Leverage automated security tool results to support manual analysis.
Lead source code review using static analysis tools for critical areas of the application
Provide guidance on the design and correct implementation of planned security controls such as encryption, log management, and authentication.
Develop prototypes of security features in the application
Design security test cases for both dynamic and static analysis testing tools to broadly assess the application
Contribute to security policy, standards, and guidelines
Develop training materials for general security awareness and specific security engineering training
Scripting experience to contribute to security testing automation.
Basic Qualifications
Bachelor's Degree in Computer Science or related field
Programming experience in Java and JavaScript
Knowledge of security testing tools and methodologies.
Minimum of 4 years experience with any combinations of the following: penetration testing, automation, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system and network security
Preferred Qualifications
Experience working collaboratively with engineers to provide design-level assessments of security risks and corresponding mitigating controls to ensure that privacy and security needs are met in user interface and technical design (security design reviews)
Experience performing security reviews on: RESTful web services, Java web applications, JSON, Server-side JavaScript (e.g. Node.js), jQuery
Familiarity with Blackboard Learn products
Technical knowledge in web server, application server, operating system and network security
Exhibit a proactive, solutions based and resourceful approach
Experience building scalable infrastructure software or distributed systems
Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge (avoid "analysis paralysis")
Strong sense of ownership, urgency, and drive
Sharp analytical abilities and proven design skills
工作地点: 浦东南路588号浦发大厦27楼
交通: 地铁二号线东昌路站
|
|
