Partners Data Systems
Job ID R99923 Date posted Feb. 22, 2019
Global Technology Audit Advisor - Senior Security Test Engineer
Austin, TX USA
Dell provides the technology that transforms the way we all work and live. But we are more than a technology company - we are a people company. We inspire, challenge and respect every one of our over 100,000 employees. We also provide them with unparalleled growth and development opportunities. We can't wait for you to discover this for yourself as a Global Technology Audit Advisor - SeniorSecurity Test Engineer on our Global Technology Audit Group team in Austin, TX.
We're a global business - a multi-billion-dollar corporation. To stay strong and secure, it's vital to have a robust audit and risk assessment of our financial and operational practices. That's where our Internal Audit professionals come in. Preparing independent audit plans, conducting internal reviews and establishing audit criteria, they ensure full compliance with legislatively mandated initiatives. Auditing the activities of diverse departments, reporting the results to leadership and the Audit committee - and recommending controls if appropriate - this dedicated team makes sure that our organization is a fully compliant success.
We are currently seeking a Global Technology Audit Advisor - Senior Security Test Engineer to join our Global Technology Audit Group, based in Austin, TX.
* Execute the security testing strategy in the Global Technology Audit Group
* Lead security testing education strategy to teach other Technology auditors at Dell how to find and address security issues
* Research and deploy the cutting edge testing tools that help advance security testing
* Lead security testing engagements with audit teams them on security testing methodologies and techniques
* Write custom tools that can help audit teams in doing efficient security testing
* Work with auditors and Cybersecurity to identify risks / security issues and provide teams with scripts and tools used to produce the issues
* Document and share with the audit teams which issues are discovered including the steps to reproduce and mitigate them
* Document generic test cases for publication in the organization knowledgebase
* Collaborate and contribute to security testing community across the company to share best practices
* Write white papers on different testing topics and present in conferences
* Perform design and operating effectiveness test for IT general controls
* Review, documentation, assessment, and testing of IT General Controls, Application Controls and IT-dependent manual controls
* Assist in planning and testing including special projects
* Conducts cybersecurity and data security and protection audits
* Prepares audit plans and understands the specific issues to be evaluated
* Develops formal written reports to communicate audit results to leadership
* Recommends system and control improvements to increase efficiency and effectiveness
* Travel Requirements: 15-20%
* Bachelor's Degree in Accounting, Information Systems, Computer Science, Business Administration or related field
* Minimum of 3-5 years' experience in External or Internal Audit
* Working knowledge of COBIT, IIA Standards, NIST and PCAOB Standards
* Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10, SANS/CWE top 25, and vulnerability scanning
* Experience in understanding and leveraging reports from scanners such as IBM Appscan, Nessus, Qualys, Twistlock
* Experience working with UNIX, Windows, ERP and Oracle database security
* Understanding of SDLC/Application Development audit, and SSAE/SOC reports
* Experience with auditing network security
* Proven experience in discovering authentication and authorization bypass defects
* Experience in writing exploits
* Experience in extending the tools like ZAP, BURP, etc…
* Be able to think like an attacker
* Subject Matter Expert on software vulnerability types and exploitation
* Knowledge of how to test code and applications across various platforms (Linux, Windows, etc.) for security issues
* Knowledge of at least one programming or scripting language such as Python, Java, C, Ruby, etc…
* Strong understanding of the network stack including ports and protocols
* Experience performing application black-box and white-box penetration testing preferred
* Certifications such as CISA, CIA, CEH, CISSP, Security+ a bonus
* Good presentation & documentation skills
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities - all to create a compelling and rewarding work environment.
If you would relish the challenge of auditing in an organization generating more than 60 billion U.S. dollars, this is your opportunity to develop with Dell.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here.
About Partners Data Systems
Partners Data Systems is a company that provides high availability storage and backup automation solutions.