|Date Posted||April 8, 2018|
UL is looking for you if you're seeking a cutting edge career in Cyber Security!
We're leading the way in establishing cyber safety and are looking to hire some people to join this exciting new division within our organization!
Do you have experience with cybersecurity modeling, testing and development with embedded products? WE WANT YOU!
Contribute to a Safer, More Secure, and More Sustainable World.
At UL, we know why we come to work. Thousands of us around the world wake up every day with one common purpose – to make the world a safer, more secure, and more sustainable place to live. We clear the way for our customers to introduce the latest products, technological advances, and systems in an increasingly complex world so they can provide peace of mind to the market. Our integrity is woven throughout our company and shapes the way we approach deliver our solutions. We are proud that the work we do every day has a meaningful contribution to society. We continue to build upon our legacy of trusted expertise and partnership to keep our communities safe and secure as we march forward into the future. This helps us to sleep better at night, and we are confident that the millions of people we touch rest easier too.
The Senior Cyber Security Analyst will partner with the senior technical team and management in developing and building industry adopted technical requirements, programs, and processes to maintain UL as the highest quality provider for cybersecurity services. Remain up to date on all cybersecurity related topics. Perceived as both the customer’s and internal security team’s trusted advisor. Conduct advanced penetration tests, exploitation of products, systems, web and mobile applications, and cloud systems to identify potential areas of vulnerabilities in a large range of domains.
- Conducts security assessments using automated and ad-hoc tools with manual assessment and exploitation as needed.
- Conducts penetration testing against different technological domains including, but not limited to, web and mobile products, embedded and hardware products, wireless products, software, cloud based software, and smart device applications. These technological domains reside in critical infrastructure, nuclear, building automation, lighting, life safety, digital video, large commercial appliances, smart home and automotive.
- Supports our clients in defining risks associated with weaknesses found in their products and systems.
- Demonstrates a high level of technical writing proficiency enabling the creation of required information security documentation, technical reports, and formal papers on test findings and complete requests in accordance with requirements.
- Handles and completes customer projects to the defined requirements in the timeframe required by customers with the highest quality and integrity of work.
- Meets and exceeds customer expectations with projects and other related tests and activities.
- Supports security team in building and improving UL’s assurance programs and services.
- Provides technical guidance and training to new security team members.
- Provides sales support and the sale of more complex projects.
- Performs other duties as directed.
University degree (Bachelor’s degree or higher) in Computer Science or a related discipline plus generally four years’ experience in information security.
- Experience with cybersecurity testing of products and software to identify weaknesses and flaws. Demonstrated vulnerability research and publishing a plus.
- Experience with leading projects from conception to close with exposure to various project management frameworks, methodologies, and tools.
- Experience with software development life cycle security, fuzzing, software composition analysis, firmware analysis, reverse engineering, and static and dynamic analysis.
- Experience with security involving wireless, radio, and cellular communications.
- Hands-on experience with commercial and open source security solutions such as: AppSpider, Burp Suite Pro, Metasploit Pro, Nexpose, Nessus, Kali Linux, Synopsys Defensics, Synopsys Coverity, Synopsys Protecode, Raspberry Pi, Arduino, etc.
- Deep understanding of security issues on various operating systems, web and mobile applications, network components, embedded systems, and databases.
- Understanding of electronics theory and experience with practical application.
- Understanding of processor architectures for development and reverse engineering.
- Development experience with a variety of programming or scripting languages.
- Knowledge of industry standards and best practices a plus, such as IEEE, IEC, NIST SP 800 series, DISA STIGs, etc.
- Security related certifications a plus: CEH, CISSP, GIAC, OSCP, OSCE