Career level

Middle (2-5 years), Entry (0-2 years)


Position Summary:

The FOSS Engineer is responsible for ensuring that the developed code complies with the security standards for the free open source software it uses, by liaising with the functional owners of the project.

Job Responsibilities:

  • Responsible for delivering the FOSS (free open source software) documentation structure, and for verification and validation of tool documentation content;
  • Open source component identification;
  • Maintain the relationship with software developers (owners) and the client (FOSS office);
  • Development of tools and scripts (partly/on demand in collaboration with partners);
  • OSS vulnerabilities and security track record.
  • Responsible for performing in-depth security analysis associated with open source projects;
  • Perform vulnerability analysis and documentation;
  • Perform security research activities on both known and unknown vulnerabilities;
  • Engage with senior security researchers and assist with security research efforts;
  • Facilitate the delivery of accurate and actionable security information;
  • Document security tools and associated systems

Basic Qualifications:

  • 2+ years of experience in software development (C/ C++/ Java/ XML/ Python/ Perl etc.)
  • Knowledge of Free Open Source Software Components (FOSS) and types of OS licenses;
  • Demonstrated understanding of the Secure Development Lifecycle (security requirements, threat modelling, attack surface analysis);
  • Excellent written and oral communication skills; very good technical and commercial level of English is mandatory;
  • Excellent team collaboration;
  • Capable of working in a fast-paced agile environment

Preferred Qualifications:

  • OSS analysis and management tools (Black Duck or similar: Palamida, Open Logic) will be considered an advantage;
  • Experience in IT Audit, Quality & Security Management will be considered an advantage
  • Knowledge of various operating systems and common applications;
  • OSS usage in the analysis process;
  • Linux OS knowledge;
  • Working with repositories (Git, Perforce etc.);
  • Ability to perform vulnerability/penetration assessments;
  • Awareness of the Kill Chain model;
  • Solid understanding of existing threats & mitigation / remediation strategies;
  • Demonstrated strong problem-solving abilities whilst being able to work independently;
  • Understands the importance of strong process and structured documentation / reporting capabilities

What we offer:

  • An international team working with the world's largest automotive manufacturers;
  • Access to Harman University for extensive technical training;
  • Employee discounts on our HARMAN products (JBL, AKG, Harman Kardon);
  • Meal tickets;
  • Flexible working hours;
  • Medical subscription;
  • State-of-the-art new office easily accessible by city transportation;
  • Fitness discounts;
  • and much more...