full time tech

Job Details

Secure Development Lifecycle Engineer

Location: Remote - United States

The Dell Security & Resiliency organization (SRO) manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.

Overview

Dell’s Product and Application Security team builds and delivers world-class capabilities which infuses security into the development processes and instills a security culture among Dell developers. They enable Dell and our Customers to securely engage in digital transformation by providing Dell development teams the knowledge and capabilities required to ensure that the code developed and integrated in Dell products, applications and services is inherently secure throughout its lifecycle; and they... promptly respond to reported vulnerabilities to keep deployed products and applications secure.

As an SDL Engineer you will play a crucial role in ensuring the security of our products and applications using industry best practices. You will join Dell’s Product and Application Security Organization as a member of our Secure Development Lifecycle (SDL) team which is responsible for a strategic program to build demonstrably resilient software across Dell’s diverse product and technology portfolio. In this role you will have the opportunity to partner with Dell engineering teams to help them secure innovative products built with a wide range of technologies. You will have the chance to apply your skills to help teams secure everything from firmware to cloud deployments.

Key Responsibilities

  • Act as a trusted advisor to product teams, providing practical advice on secure design, coding and testing.
  • Create threat models for new and existing software. Assess potential threats and provide mitigation recommendations to product engineering teams.
  • Provide subject matter expertise on creating resilience in products to current attack techniques
  • Conduct security assessments on infrastructure and platforms and provide detailed assessment report to engineering teams along with the remediation steps.
  • Communicate security risk in layman terms to executives and business stakeholders
  • Lead secure design, coding and/or testing workshops to teach other engineers at Dell how to efficiently apply security development practices
  • As required conduct research into emerging technologies and security engineering practices in order to better advise product teams
  • Act as a Secure Development Lifecycle (SDL) evangelist across Dell as the subject matter expert and contribute to the broader industry security community.

Essential Requirements

  • Solid understanding of BIOS, Root of Trust (RoT), Secure Boot, Trusted Platform Module, PKI, Code Signing
  • Strong communication skills are a must as you need to be able to communicate to and influence both engineers and managers. As is the ability to work with diverse and global teams
  • A passion and a track record for product security engineering
  • A demonstrable understanding of modern infrastructure and cloud technologies
  • An understanding and ability to communicate the techniques, tactics and practices of an attacker.
  • Bachelor’s degree in Computer Science, Computer Engineering or related field with 8+ years relevant experience; or Master’s degree with 6+ years relevant experience; or equivalent experience
  • Understanding of common security vulnerabilities as described in the OWASP Top 10 and SANS 25 as well as their remediation.
  • A proven track record in secure development practices such as: threat modeling, secure design, secure coding, and the use of static and dynamic analysis tools
  • An understanding of the specific challenges in securing cloud-based solutions
  • Competency in secure coding in multiple languages, including at least one scripted and one compiled language

Desired Requirements

  • Master's degree in Information Security or similar technical field
  • Industry certifications: GIAC, CISA and/or CISSP, CSSLP

Dell Technologies is a unique family of businesses that helps organizations and individuals build their digital future and transform how they work, live and play—providing customers with the industry’s broadest and most innovative technology and services portfolio. We value our customers, winning together, innovation, results and integrity. Grow your career with a highly competitive salary, bonus programs, world-class benefits and unparalleled learning and development opportunities— all at a company that is proud to be diverse and inclusive. Learn more on how we are closing the diversity gap.

Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here.

LIPRIORITY
Job ID: R072284

See something wrong with this listing?

Contact support