Sr. Security Researcher / Principal Software Engineer, Tokyo Japan

From: <mike_sienkowski(at)symantec.com>
Date: Mon Apr 21 2003 - 11:55:49 EDT

('binary' encoding is not supported, stored as-is)

If interested in this role please send a resume to vweafer@symantec.com

Duties:

The Security Response Engineer role combines the responsibility of rapidly responding to new security threats in the field and conducting laboratorybased  research with the goal of publishing original contributions to the information technology security discipline. The principal responsibility of the candidate is to identify real-world host and network vulnerabilities and create Symantec security product signatures to prevent their exploitation. Outside of responding to security incidents, the Security Response Engineer will investigate potential security vulnerabilities in Symantec and third-party products in a laboratory environment, creating the necessary signatures and rule sets when needed. Additionally, the candidate will be required to conduct original research in the IT security field and will be expected to publish papers on their chosen research on regular basis. The applicant must be able to occasionally work in high-pressure situations while remaining focused on the task to be completed. Working closely with other members of the Symantec Security Response group, in many cases in geographically separate locations, requires the ability to communicate issues clearly and concisely. Excellent written and verbal communication skills are a necessary part of the job.The candidate is expected to be able to work with minimum supervision and to display the determination to ensure both customer commitments and project goals are met. Strong problem solving and troubleshooting skills are a must, as obvious solutions to many problems will simply not exist. While daily working hours are fixed, in order to respond quickly to security incidents the position sometimes requires the candidate to be available at short notice.

Requirements:

BS Degree, preferably in a computer science-related field, or equivalent industry experience. The candidate is expected to be solidly grounded in a broad range of network skills, including analyzing networking traffic, having a detailed understanding of TCP/IP networking, including a in-depth knowledge of the major TCP/IP protocols and experience working with network intrusion detection technology. The applicant should display an understanding of host-based vulnerabilities and how they are exploited across both the Windows platforms and the major implementations of UNIX. The role requires a strong working knowledge of shell scripting, PERL and/or Python and C/C++ programming to conduct day-to-day tasks. The candidate will ideally have certification in the IT security field, including one or more of the Certified Computing Professional (CCP), System Security Certified Practitioner (SSCP), or Global Incident Analysis Centre (GIAC) Certified Intrusion Analyst certificates.

Interpersonal skills: Must be able to interact comfortably with members of the worldwide Response Team and employees in other departments in Symantec. Planning and organisation: The ability to plan and organise multiple tasks in an efficient manner to completion. Communication: The ability to communicate complex issues in a simple manner, both written and verbal. Many of the people the role comes into contact with are located in different countries and may have differing abilities speaking English. Team player: The role requires the ability to work in a close-knit worldwide team to achieve project goals. Innovation: Not only the solution, but in many cases even the question, may not be obvious when faced with potential security incidents. The ability to innovate solutions to get them to customers more quickly or safely is mandatory.   Received on Thu Apr 24 17:03:54 2003