Experienced Software Security Engineer - Mainframe Penetration Tester

$107,000 - $171,000/Yr

Broadcom - Durham, NC

posted 7 days ago

Full-time - Mid Level
Durham, NC
5,001-10,000 employees
Computer and Electronic Product Manufacturing

About the position

The Experienced Software Security Engineer - Mainframe Penetration Tester at Broadcom's Mainframe Software Division (MSD) is responsible for enhancing secure software development practices and conducting penetration testing across the product portfolio. This role involves staying updated on industry standards, guiding engineering teams on vulnerabilities, and educating staff on secure coding practices. The position plays a critical role in ensuring the security of software products that support major enterprises globally.

Responsibilities

  • Stay current with the industry on secure software development practices, tools, standards, regulations and requirements
  • Plan, coordinate and perform penetration testing of MSD products
  • Provide guidance to engineering teams on how to address identified vulnerabilities
  • Influence prioritization and implementation of secure software development initiatives for MSD
  • Assist the education of the MSD R&D staff on secure software development best practices, writing secure code, threat modeling, secure design reviews, secure code reviews, and addressing software vulnerabilities.

Requirements

  • Bachelor's degree or global equivalent in a related field
  • Typically, 8 or more years of experience in software development or a related field
  • Strong understanding of web technologies (Web applications, Web Services and REST) and network protocols
  • Software development experience in one of the following core languages: Java, C/C++, Javascript, HLASM
  • Experience in mainframe software development and familiarity with HLASM, z/OS, z/OS Security
  • Experience in mainframe penetration testing
  • Experience in design and development of Micro-Services, APIs, Enterprise Software Applications
  • Knowledge of modern secure software development techniques, standards, practices and tools
  • Experience in Application Security, understanding of typical types of weaknesses (OWASP Top-10, CWE/SANS Top 25 etc) and standards & compliance requirements, such as ISO27034, PCI, FedRAMP, NIST Cybersecurity Framework, US Executive Order 14028 etc.
  • Strong communication skills
  • Knowledge of CI/CD and DevOps
  • Experience working as a Software Security Engineer or Penetration Tester is desired.

Benefits

  • Medical, dental and vision plans
  • 401(K) participation including company matching
  • Employee Stock Purchase Program (ESPP)
  • Employee Assistance Program (EAP)
  • Company paid holidays
  • Paid sick leave and vacation time
  • Paid Family Leave and other leaves of absence.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service