Product Security Engineer at Bose Corporation, U.S.A in Framingham, MA

Product Security Engineer
Bose Corporation, U.S.A
Published
August 28, 2020
Location
Framingham, MA
Job Type

Description

Apply You will be redirected to Bose Corporation, U.S.A's preferred application process.

Product Security Engineer

Job Description
Qualifications (demonstrated competence):
7-9 years of experience in security space, preferably in product
- hardware, software, cloud or mobile app development space
Secure software / systems development lifecycle experience (e.g. Microsoft SDL,OpenSAMM,CMMI-Dev+Secure)
Demonstrableknowledgeand experiencein one or more of the following areas:
System security engineering
Embedded devicesecurity
Application or system hardening
Security Testing / Penetration Testing
Mobile applicationsecurity
Cloud security
Cryptography
Forensics or reverse engineering
Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards.
Experience leading secure architecture, design, and code reviews
Direct development experience in languages including C/C++ (x86 or ARM), Python, and
Java; Go or Swift experience desirable
Familiarity with security vulnerability detection and security test automation tools such as Qualys, Nessus, Burp Suite,metasploit, and
Klocwork.
Excellent written and verbal communication skills;must understand and be able todeliversecurity concepts and challenges to variouslevels within the organization (e.g. developers, program management, business leaders)
Highly desirable but not required skills include:
Certified Software Security Lifecycle Professional (CSSLP),Certified Information Systems Security Professional (CISSP) certification, SANS GIAC Certified Incident Handler (GCIH), or SANS GIAC Certified Penetration Tester (GPEN) or equivalent certification
Knowledge ofCI/CD tools and practices
Experience in waterfall and Agile development methodologies
Experience using CIS Security benchmarks or US DISA Security Technical Implementation Guides
Prior or current involvement in industry security initiatives such as IETF, OWASP, ISO, CWE, BSIMM, Cloud Security Alliance,or any open source project related to security
Familiarity with the Industrial Internet of Things (IIoT)
Familiarity with US FDA cybersecurity requirements
Understanding of functional safety and/or privacy requirements
Teaching or technical consultation experience
Bose is an equal opportunity employer that is committed to inclusion and diversity. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or any other legally protected characteristics. For additional information, please review: (1) the EEO is the Law Poster ( and (2) its Supplements ( Please note, the company's pay transparency is available at Bose is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the application or employment process, please send an e-mail to ...@bose.com and let us know the nature of your request and your contact information.

Job Expires: 2020-11-26
Apply
Will you now, or in the future, require sponsorship for employment visa status (e.g. H-1B visa status)? *
Drop files here browse files ...
Resume, CV, cover letter, etc.

Be at home with your family

Get help finding work-from-home

Your Children Will Be Happier

Stop parenting from the office

Flexible Careers - No Commute

Is your job putting you at risk?

Work from the safety of your own home

Cancel the Commute & Save Hours per Day

Are you sure you want to delete this file?
/