Senior Security Consultant at Westminster

Job Description

Avaya is seeking an experienced security professional to join the Product Security Support Team-PSST, with the PSST charter covering the following primary roles:

Avaya Product Development Process-mandated Security Assessment (SA): Conduct penetration tests of targeted product solutions and identify vulnerabilities prior to product release. Share vulnerability findings with respective product teams and upper management via the delivery of a PSST SA report.

Security Consulting: Avaya-internal-only consulting with respective product teams during the PSST SA process.

• Ownership of Avayas Common Engineering Criteria (CECs) including; Encryption, Trust & Certificate Management, AAA, SSO, DoS & Firewall, Data Privacy & FISMA, OS Hardening and the development of new CECs.
• Active membership in Avayas Security Council

Vulnerability Threat Management (VTM): Oversight of Avayas VTM policies, system/database and creation of Avaya Security Advisories (ASAs) for the Collaboration portfolio (Policies and ASAs posted at http://support.avaya.com/security )

• Interact with Development and Product Management contacts from the product teams towards tracking/resolving product vulnerabilities, and creating/posting associated ASAs.
• Manage the [Click Here to Email Your Resum] mailbox, which serves as a primary point of contact for External Security Researchers. Interface with Avaya Product Teams, Legal, PR, etc. as required.

Security-related Customer Support: Manage security escalations/tickets and respond to specific vulnerability findings for assigned product coverage areas. Serve as Security Consultant / SME in partnering with Pre-Sales/Sales, Professional Services and associated Delivery teams across Avaya to address customer Security concerns.

Required Qualifications:

• U.S. Citizenship required to handle Avaya Goverment/DoD related work
• B.S. degree in Computer Science, Computer Networking or related discipline
• Working knowledge of Linux, UNIX, Windows OS platforms
• Knowledge of TCP/IP, SIP, networking protocols, and database platforms
• Proven expertise in security penetration testing and associated open-source and commercial security tools (e.g. NMAP, Nessus, Retina, Automated and Manual Web App scanners and proxies, protocol fuzzers, database scanners, etc.)
• Ability to create customized scripts (e.g. via Perl, Ruby, Python)
• High-tech product software/firmware support experience
• In-depth problem solving skills with demonstrated ability to isolate problems to specific software/firmware components
• Demonstrated teamwork experience and desire to work in a fast-paced security consulting and technical customer service role
• Excellent oral and written communication skills are needed to provide detailed technical analysis tailored to Avaya- internal as well as external customers.

Desirable Qualifications:

• M.S. degree
• Previous experience with Avaya Aura portfolio of products (e.g. Avaya Aura core servers, call center solutions, endpoints/clients), data networking or security equipment (development or in-depth product support experience)
• Avaya, Cisco, Microsoft, RedHat, VMware or Security (e.g. CISSP, CEH, SANS, etc.) certifications, PCI DSS experience
• Knowledge of C/C++, Java, C#, iOS and Android development experience, PKI/CA/certificate management experience, JITC test and compliance (i.e. use and interpretation of STIG / SCAP tools).

Requirements: Job Function - Software Engineering, RESEARCH & DEVELOPMENT Job Level Individual Contributor

Job Requirements

 
Country: USA, State: Colorado, City: Westminster, Company: Avaya.