Senior Security Engineer

***Positions posted by El Comeback are done on behalf of companies that we support in their search for candidates

Our client, Hewlett Packard Enterprise (HPE), is looking for a Senior Security Engineer.

This role has been designed as Hybrid with an expectation that you will work on average 2 days per week from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate whats next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.

Job Description:

As part of our HPE Operations Cybersecurity Lab the Senior Security Engineer will be responsible for the design, development and implementation of security solutions to enhance product and supply chain security and transparency. Scope includes investigation and evaluation of emerging technologies, research, design and development of penetration test to improve security at factory environments and the development of automated solutions and tools to improve efficiency of processes.

In a typical day as a Senior Security Engineer, you would...

Leads multiple security and automation project teams of other software systems engineers and internal and outsourced development partners responsible for all stages of design and development for security solutions for complex products and platforms, including solution design, analysis, coding, testing, and integration.

Design, develop, test, and maintain robust, scalable, and high-quality security and software solutions.

Bring relevant subject matter expertise on application and systems security strategy, architecture and roadmaps, review application architectures, code and system services from a security perspective.

Manages and expands relationships with internal and outsourced development partners on software systems design and development.

Reviews and evaluates designs and project activities for compliance with secure systems design and development guidelines and standards; provides tangible feedback to improve product security and mitigate failure risk.

Provides security domain-specific expertise and overall software systems leadership and perspective to cross-organization projects, programs, and activities.

Direct and coordinate the implementation of test automation and other test tools (security).

Education and Experience Required:

Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent.

Typically 6-10 years experience.

If you are

- Extensive experience with multiple software systems design tools and languages.

- Excellent analytical and problem solving skills.

- Experienced in overall architecture of software systems for products, solutions and IT systems.

- Designing and integrating software systems running on multiple platform types into overall architecture.

In-depth Cyber and IT security knowledge.

- Solid knowledge of security fundamentals and general security technologies, including: network security controls (firewalls, VPNs, IPSec, IDS/IPS), secure code, physical security, cryptography, authentication, identity management, network communication ports and protocols, etc.

- Experienced in Penetration testing with tools ..

- Strong experience with Web Application Security Testing (Tools: Burp, OWASP ZAP etc.).

- Experience with Vulnerability Assessment (Tools: nmap, - Nexpose or Nessus, Fierce, Wireshark etc.)

- Evaluating forms and processes for software systems testing and methodology, including writing and execution of test plans, debugging, and testing scripts and tools.

- Excellent written and verbal communication skills; mastery in English and local language. Ability to effectively communicate product architectures, design proposals and negotiate options at senior management levels.

- Solid knowledge of Thread modeling

- Agile Development: Participate in Agile methodologies, including sprint planning, daily stand-ups, and retrospectives.

- Understanding of OWASP Top 10

- Security Certifications: preferred ( CISSP, CEH, Comptia Security+, OSCP.

Additional Skills:

Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Micro-services Fluency, Full Stack Development, Security-First Mindset, Solutions Design, Testing & Automation, User Experience (UX)

***El Comeback is a non-profit program from ConPRmetidos that attracts and retains professional talent for Puerto Rico-based jobs. Register at elcomebackpr.org/registration-form to get matched with professional opportunities on the island