Location: Canada, ON, WaterlooApply Now Connect with LinkedIn Connect with Xing
Know someone else who would be a perfect fit? Let them know!Send to a friend
Security Analysts are responsible for assessing and advising on the security of developed software applications, recommending changes to applications to harden them against potential vulnerabilities and advocating secure development practices.
The successful candidate will work as part of a small team reviewing world class enterprise information management applications. The position will focus on locating security vulnerabilities and preventing them as early as possible in the development process. In a time of increasing interconnectivity and rising expectations of rapid content delivery, security is a paramount concern. The analyst will be expected to demonstrate their technical knowledge on exploiting and mitigating vulnerabilities, to help Open Text produce software that exceeds the security requirements of customers worldwide.
You are great at:
• Leveraging your knowledge of software security threats to assess our software’s risk areas
• Providing feedback to development teams about the severity of findings using standard CVSS scoring methods, offering diagnostic examples exploit methods to illustrate issues,
• Training and assisting product engineering teams with dynamic scan detection tools, and mentoring them on the preliminary analysis of resulting reports
• Working with automated static source code analysis tools
• Penetration testing of our software applications to detect vulnerabilities.
• Analyzing defects for root causes, make recommendations for remedies
• Participating in threat modeling exercises, security assessments
• Producing and presenting clear, concise and unambiguous reports
• Contributing to white papers about product security, hardening, and related topics
• Developing on-going relationships with product team Security Advocates, understanding the security maturity of their development processes, risk areas, and helping them to produce the most secure software products possible
What it takes:
• Knowledge of the security of web services technologies, web servers, databases and web-based applications
• Knowledge of common application security controls and application security issues
• 5+ years experience with security tools such as HP Fortify, BURP Pro, Acunetix, AppScan
• 8+ years of related work experience in software/product security
• Background/understanding of security development life cycle
• Strong analytical / troubleshooting skills
• Possess a commitment to quality and a thorough approach to work.
• Sound and precise writing skills
• Excellent communications and consultancy skills both in-person and via phone and email with remote stakeholders
• The ability to work in a team and as an individual and a natural curiosity
• Previous experience in software application development and application security vulnerability detection
At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of sex, national origin, disability or race. If you require accommodation at any time during the recruitment process please email firstname.lastname@example.org.