ECI

Cybersecurity Dev. Lead (BB-DBF5D)

Found in: Neuvoo IL

Description:

Ribbon (formerly ECI Telecom) is looking for a Cybersecurity Dev. Lead, who will provide security guidance and oversight across Product Management and Research & Development to Influence the design and implementation of upcoming products and services with a mindset of "Security by Default".

Responsibilities

  • Implement Security Development Lifecycle (SDLC) policy and Continuous improvement of the R&D security program, aligning staff, tools, and processes to key security metrics and controls enabling timely and secure Product feature releases
  • Responsible for overall R&D Security assessments and posture through security testing results on applications using dynamic and static analysis tools and penetration testing while striving for continuous improvement based on defined KPIs
  • Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes
  • Perform validation of security controls to insure adherence with compliance and industry best practices.
  • Manage and coordinate PONet security forum meetings, publish minutes and follow up on various action items assigned to various individuals
  • Should be able to review RFP questions and our responses, security related SLAs to ensure that these meet our set policies
  • Should abreast of public domain information related to major security events, vulnerabilities discovered so as to assess their implications on PONet products. Should be able to notify the internal audience on matters related to cybersecurity and major s/w related vulnerabilities
  • Define and oversee the Incident Response procedures
  • Should be a ‘go to’ contact person for
  1. Security related queries from customers/ PLM/ T3 related to various the company's products
  2. New scanning/ tool updates from DevOps
  3. Upper management that would like to track the status of security in various product lines through periodic reports related to identified vulnerabilities and their resolution

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required
  • 4+ years of experience in information security or related technology experience required, experience in the Telecom industry is a plus
  • Should be familiar with security standards such as Common-Criteria, FIPS, BSI
  • Should have basic understanding of s/w code vulnerabilities so as to understand operating principles of various scanning tools such as Coverity, WhiteSource
  • Should be familiar with Fuzzing / ethical hacking related tools such as the ones available on Kali-Linux, Nessus, Burp suite
  • Should have basic scripting abilities in languages such a Python/ Perl so as to process the scan logs to generate reports of different kinds for various the company's audience
  • Have a knowledge of building security into continuous integration and delivery (CI/CD) pipeline
  • Should have the requisite communication skills (Fluent English) written and spoken to work with various the company's teams

calendar_today1 day ago

Similar jobs

info Full-time

location_onPetah Tikva, Israel

work ECI

Apply:
I expressly authorise the Terms and Conditions