Application Security Engineer
Description:
About NCR VOYIX
NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities.
Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems.
Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape.
Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner.
Application Security Engineer
Raanana, Israel
In this mission critical role as an Application Security Engineer, you will be part of a dynamic global application security team, working directly with software architects and software engineers to perform penetration testing on software solutions developed within the company. In addition, you’ll collaborate with engineering to triage security findings and review remediation techniques in order to harden and improve the security of NCR Voyix software across multiple types of products.
With NCR Voyix as a software-focused company, you’ll work in a fast-paced environment, helping enable teams to work in a DevSecOps model in a world of containers, automated pipelines, and rapid deployments. And you’ll be instrumental in helping teams add in security testing as part of their build and release pipelines. NCR Voyix produces hardware and software for major companies in Retail, Restaurants, and Digital Banking – come help secure the state-of-the-art!
Responsibilities:
Conducting manual penetration tests of NCR Voyix software
Assessing risk level of security findings using standard methodologies
Running automated application security tools
Writing and presenting pen test reports to development teams
Consulting with development teams on remediation techniques and defensive coding
Validation testing to confirm findings are closed
Develop, integrate, and enable security engineering test automation into a CI/CD pipeline
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes
Required skills and experience:
Bachelor’s Degree in Computer Science or related field - equivalent work experience ok
At least 2 years of experience of Application pen testing background
Web application test experience
Web services/API test experience
Mobile application test experience (iOS and Android)
Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.)
Preferred Skills and Experience:
Experience with automation of security testing as part of a CI/CD pipeline
Experience with retail, banking, and/or restaurant software, particularly the types of vulnerabilities and security testing associated with them.
Previous hardware/POS pen test experience
Active participation in cybersecurity forums/conferences, e.g. DEFCON, Black Hat.
Experience with privacy requirements of a global corporation (e.g. GDPR, CCPA)
Security industry certifications, e.g. CEH
Offers of employment are conditional upon passage of screening criteria applicable to the job
EEO Statement
Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.
Statement to Third Party Agencies
To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes
“When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”
R0143865