Sr. Security Analysis Engineer
Chungho, Taiwan, TW
Supermicro
The premier provider of advanced Server Building Block Solutions® for 5G/Edge, Data Center, Cloud, Enterprise, Big Data, HPC and Embedded markets worldwide.Job Req ID: 26871
About Supermicro:
Supermicro® is a Top Tier provider of advanced server, storage, and networking solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/ Big Data, Hyperscale, HPC and IoT/Embedded customers worldwide. We are the #5 fastest growing company among the Silicon Valley Top 50 technology firms. Our unprecedented global expansion has provided us with the opportunity to offer a large number of new positions to the technology community. We seek talented, passionate, and committed engineers, technologists, and business leaders to join us.
Essential Duties and Responsibilities:
1. Impact analysis for specific system/software or project.
2. Maintain and monitor OSS package built in system/software products.
3. Tracking potential security issues and vulnerabilities management for system/software or project, and delivering possible solution to reduce security risks
4. Analyze the coverage of security validation for security mitigation.
5. Support SSDLC practice and provide guidance of any tools or practices required to avoid gaps in the development process
6. Maintain records of security analysis on internal platform
7. Drive timely and effective resolution for the above security comment.
Qualifications:
1. Bachelor’s degree in computer science, information technology, or a similar field.
2. Senior Engineer Experience in-depth knowledge of applying ISO 27001, IEC 62443-4-1, SSDLC, BSIMM for system/software development, root cause of cybersecurity risk, and vulnerability management for at least 5 years.
3. Experience with system/software development project with general knowledge of CI/CD tools
4. Familiar scripting (e.g., Python, Shell) to support SSDLC practices such as automated security checks and compliance reviews.
5. Experience with methodology of Threat Modeling, Attack tree, OCTAVE analysis based on system/software's DFD or feature spec.
6. Good Skill in project management and cross-division communication.
7. Capability for drawing system/software diagram.
8. CISSP, CSSLP, SSCP, CEH, CTIA or similar certification is a plus.
EEO Statement
Supermicro is an Equal Opportunity Employer and embraces diversity in our employee population. It is the policy of Supermicro to provide equal opportunity to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or special disabled veteran, marital status, pregnancy, genetic information, or any other legally protected status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Big Data BSIMM CEH CI/CD CISSP Cloud Compliance Computer Science CSSLP IEC 62443 IoT ISO 27001 Octave Python Scripting Security analysis SSCP SSDLC Vulnerabilities Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.