Lead Security Analyst

Ref#: 28640

Function: IT

Location: Canada, ON, Mississauga

Apply Now

Know someone else who would be a perfect fit? Let them know!

Share: Twitter

Send to a friend
OPENTEXT - THE INFORMATION COMPANY

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. 

The opportunity:

The Senior Security Engineer is responsible for security testing across Open Text networks and web applications including the coordination of penetration testing for various compliance requirements. This role works with product management and development teams to understand the relationship of application components and infrastructure hardening requirements for conducting third party pen tests. This role also communicates identified security penetration test findings to stakeholders and management.

You are great at:

• Working with various product management and development teams to fully understand the business and technical requirements for application security testing
• Educating product and development teams on security penetration testing and infrastructure hardening requirements
• Collaborating with product and development teams to understand the pen test results and how to mitigate them
• Coordinating penetration tests for web applications, systems, and networks utilizing proven/formal processes and industry standards
• Managing third party security vendors and ensure rotation of vendors and continuous improvement in our security testing practice
• Providing support for audits and gathering of artifacts for ISO27001, PCI, SOC1 & SOC2, etc
• Documenting process and procedures for security testing requirements
• Developing KPIs to articulate and measure program performance

What it takes:

• 7+ years’ experience in working in IT Security
• 4+ years’ experience in product testing, with a focus on penetration testing
• Solid foundation in formal penetration testing for web applications and hosted/cloud environments
• Software engineering experience: ability to read and understand software written in multiple languages. Understanding of common software security vulnerabilities and how to mitigate them
• Experience using and managing commercial AST and DAST tools such as Checkmarx, Coverity, Fortify, WhiteSource, BlackDuck, Qualsys, etc.
• Experience providing mentorship to other Security team members
• Experience creating and refining metrics to articulate and measure program performance
• Knowledge of system hardening and secure configuration frameworks
• Able to work independently and efficiently, as well as with others, to meet deadlines
• Project Management experience
• Self-motivated and detail-oriented. Able to multi-task, prioritize, and resolve multiple inquiries at once. Possess excellent writing and communication skills to effectively develop policies, and procedures, reports and documentation
• security certification such as Certified Information Systems Security Professional (CISSP), Information Systems Manager (CISM) or equivalent (nice to have)
• BS in Computer Science, Cyber Security, Information Assurance, or Information Security preferred

At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of sex, national origin, disability or race. If you require accommodation at any time during the recruitment process please email accommodationrequests@opentext.com.

Apply Now

Share: Twitter

Send to a friend