Senior Security Response Engineer

Full Time
New York, NY
Areas of Interest: Incident Response, Software Assurance and Security Engineering, Vulnerability Assessment and Management
report a problem
Overview

Do you want to work for a company where security is the number one priority and not just an afterthought? At BlackBerry, we believe that being passionate about security means it starts during the product design phase, is implemented through the full stack of technology, and is consistently maintained with a robust patching strategy. Keeping our enterprise customers and end users BlackBerry Secure has been our top priority since our first security advisory in 2004 and is the heart and soul of what we do.

 

We are looking for security engineering researchers to join our Security Incident Response Team. You will primarily analyze the world’s most secure Android operating system, but will also kick the tires of our flagship UEM Unified Endpoint Management (aka BES) and get your hands dirty with Good, our container solution.

 

Come and join our rapidly growing team of Response Engineers; be a part of a high-powered and high-performing team that regularly works across the entire organization, with everyone from product teams to executives. Urgent escalations from enterprise customers, investigating open source vulnerabilities, working with security researchers and a regular patching cycle are all core to this role. The work is diverse, has executive visibility, and is ever changing.

                                

POSITION SUMMARY

BlackBerry strives to build and maintain the most secure, trusted solutions possible. To continue our tradition of excellence, we are looking for individuals in the security space who are technically skilled, knowledgeable, passionate, and experienced to join BlackBerry.

 

The BlackBerry Security Incident Response Team (BBSIRT) is a center of excellence working to ensure the ongoing security of our products and services for customers and partners worldwide.

 

We are currently looking for security minded individuals to support our Secure Android Operating System and 30-day patching program and other efforts responding to emergent software-based cyber threats or incidents involving BlackBerry products and services. The successful candidate will work in a fast-paced, highly dynamic and challenging environment and will work with various teams across the organization to support vulnerability mitigation efforts, from identification of potential issues to analysis, mitigation, and related internal and external communications. The technical and threat landscape change constantly and this position would suit someone willing to continually learn while working on cutting edge technologies and handling multiple priorities.

 

The ideal candidate will already be able to build and manage relationships in a large, complex ecosystem but must be willing to grow this experience. The role centers on solving problems at the intersection of technology and people.

 

RESPONSIBILITIES

  • Directly support Android operating system vulnerability investigation, driving a monthly patching cycle, and open source software updates
  • Identify, track and report on emergent threats to the security of BlackBerry products, associated companies, and customers.
  • Work with research and engineering teams to provide in-depth technical analysis of security issues and work across the organization to support and ensure holistic remediation efforts. These are often time critical.
  • Triage code defect based issues and quantitatively evaluate risk using industry standard metrics such as CVSS.
  • Prioritize and coordinate case-specific response activities, driving timely and appropriate remediation of issues. Reporting the problem is not enough; solutions should be offered.
  • Track and report on remediation efforts
  • Cultivate strong working relationships with external researchers, reporting organizations and customers to ensure effective collaboration. Work with customer facing and internal teams to continually improve processes used to identify and fix product security issues
  • Continually deepen knowledge and skills in support of maintaining the security of BlackBerry customers.
  • Create effective communications for internal and external customers, working with others to ensure professional and accurate information delivered.

 

ESSENTIAL SKILLS AND QUALIFICATIONS

  • Strong system level Java/C++ programming and debugging experience
  • Ability to analyze code behavior down to assembly level language
  • Able to track and manage numerous parallel activities
  • Firm grasp of secure software development lifecycle
  • Holds a Bachelors degree, Masters degree or equivalent in a computer science/engineering OR related and relevant experience
  • Understands common classes of product security vulnerabilities and attack/defense methodologies deeply
  • Knowledge of the architecture of at least one common OS such as Android, Linux, Windows.
  • Knowledge of application security configuration and best practices
  • Experience with issue management as well as designing/defining proactive mitigation strategies
  • Strong written and verbal communication skills with both technical and non-technical audiences
  • Demonstrates advanced analytical skills
  • Cool under pressure, objective and diplomatic
  • Able to work collaboratively with minimal supervision as part of a multi-disciplinary team

 

ADDITIONAL ASSETS

  • Reverse engineering skills
  • Some knowledge of wireless communications security (802.11, Bluetooth, cellular data, etc.)
  • Personable – some customer contact will be needed
  • Ability to create proof of concept exploits for common types of vulnerability

 

If you're driven to take enterprise, mobile and embedded technologies to the next level, it's time you join the team at BlackBerry. We offer a challenging environment that fosters creativity and rewards excellence. Employees also have use of our award winning BlackBerry technology.



We are BlackBerry, a global mobile communications leader who revolutionized the industry with its introduction in 1999. Today, BlackBerry’s products and services, from messaging to enterprise mobility, are relied on by millions of individuals every day to securely and efficiently connect them to the content and people that matter most. At BlackBerry our instinct for innovation is relentless, so as we continue to push the boundaries of mobile experiences, we continue to drive the talent, passion and creativity of our employees.

©2017 BlackBerry. All right reserved. BlackBerry® and related trademarks, names, and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world.

It is the policy of BlackBerry to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law.

EEO Minorities/Females/P​rotected​ Veteran/Disabled



Share this job:

BlackBerry

BlackBerry secures, connects and mobilizes the enterprise. To manage today’s enterprise of things, BlackBerry provides a software platform that enables and manages security, mobility and communications between and among hardware devices, programs, mobile apps and the internet of things. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates in North America, Europe, Middle East and Africa, Asia Pacific and Latin America. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ. For more information, visit www.BlackBerry.com.

Specialties
Software, CyberSecurity Services, Enterprise Mobility Management, Enterprise File Sync and Share (EFSS), and Internet of Things (IoT)
Visit BlackBerry's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 5,001-10,000