Senior quality engineer - security
Posted: Oct. 8, 2024, 1:54 p.m. - Full Time - BangaloreAbout the job Job Overview
Crestron’s India team is looking for talented and self-motivated outstanding Pentesters and security auditors who would be responsible for pentesting and auditing Crestron’s products
The ideal candidate is an individual who is passionate about finding security bugs in proprietary software and hardware. The candidate must be able to work independently and also handle communications with other project teams for project updates. The candidate must have good written and verbal communication skills and must be able to articulate their viewpoints clearly.
Job Responsibilities
In this role at Crestron India, Bangalore, you will be responsible for
Penetration Testing Crestron Products, and customer facing cloud infrastructures to identify vulnerabilities, risks and application of standard practices for hardening Understand Security Features in products and conduct tests related to Compliance requirements like JITC, NIAP etc. Write Security Test Plans based on product features, functions and requirements Develop automation scripts (python/bash) to automate mundane security testing Conduct manual penetration testing of devices, Web APIs using tools like BurpSuite. Identify, record, document product vulnerabilities and escalate their severity based on impact to product security Research on platform specific vulnerabilities (Android, Linux Libraries) and keep abreast of CVEs and report the same to internal stakeholders Create security documents, design standard operating procedures, report findings and track them to closure by working with related stakeholders Present security reports to senior management post completion of security audits Suggest/Recommend improvement in existing deployment guides Adjust to rapidly changing requirements and timelines Track record of completing assignments on time with a high degree of quality
Technical Skills & Qualification
Minimum bachelor’s degree in engineering (Preferably in Electronics & Communications) Minimum 6-8 years of experience spanning across technical, network and security architecture. Good understanding of network protocols - TCP/IP, ICMP, HTTP Good understanding of cryptographic protocols - SSL/TLS and cipher implementation Good understanding of *Nix Platforms Good understanding of shell scripts, C/C++ and .NET based programs Proficiency in Network Penetration Testing and Application Security Testing Proficiency with Dynamic Scanning Tools like IBM APPSCAN, Burp Suite, Solid Experience in Web Application Penetration Testing including SOAP/REST APIs Knowledge of industry standards and compliance frameworks: CIS, NIST, FEDRAMP
Soft Skills
Ability to assess testing tools and deploy the right ones Ability to explain findings to non-technical professionals Excellent report writing and presentation skills Able to work independently but also as part of a team Flexibility to change direction and manage conflicting demands Must have strong written and verbal communication skills as you will be working with cross functional teams. Must possess strong problem-solving skills. Operate autonomously with minimum direction Must be a self-starter with the ability to master new technology concepts quickly.
About Crestron
Crestron is the world's leading manufacturer of advanced control and automation systems, innovating technology and reinventing the way people live and work, offering integrated solutions to control audio & video systems. Crestron streamlines technology, improving the quality of life for people in corporate boardrooms, conference rooms, classrooms, auditoriums, and in their homes.
Crestron's leadership stems from its dedicated people who are committed to providing the best products and services in the industry. This culmination of loyalty, devotion and innovation is what our customers refer to as "The Crestron Experience".
At Crestron, our automation and control solutions for buildings and homes let people control entire environments with the push of a button, integrating systems such as A/V, lighting, shading, IT, security, BMS, and HVAC to provide greater comfort, convenience, and security. All our products are designed and built to work together as a cohesive system, enabling our customers to monitor, manage, and operate everything from the cloud.
Crestron products are IoT enabled, providing our customers with the ability to easily manage and monitor devices using Crestron’s Cloud platform.
For more complete information about our products, you may visit our website at www.crestron.com