Post Wed Sep 23, 2009 11:45 am

Security Researcher (product) GLOBAL locations-Research in Motion

Please contact sschut@rim.com

The Security Researcher will work with the BlackBerry Security team and other internal groups to actively test, measure and extend product security.  The incumbent will track and assist in the resolution of any issues  found and will work to promote and cultivate secure engineering practices within the development organization. The successful candidate will also assist the Product Security Response and Outreach Team in managing the resolution of product security incidents as may arise.

RESPONSIBILITIES

The successful candidate's responsibilities will include:
• Identify, parameterize and resolve BlackBerry specific threats
• Develop, manage and document test methodologies, systems and equipment
• Produce technical evidentiary documentation findings and impact
• Conduct research and reports on current and emerging threats in the relevant product space  and on specific technology issues as required
• Advise on the safe integration of said technologies and advise the development team as to required product features or changes to support a strong ongoing security stance
• Using effective oral and written communication skills, the candidate must be able to efficiently and creatively solve  security issues by making insightful and timely decisions, in complex enterprise environments
• Liaise with various internal teams and external parties to facilitate the smooth and expedient resolution of product security issues and associated communications
ESSENTIAL SKILLS AND QUALIFICATIONS
• Expertise in multiple technical areas, with in-depth knowledge of multiple security domains
• Proven ability to hack hardware and software, discover flaws and suggest improvements
• Secure coding methodology and best practices
• Strong programming /debugging skills with proficiency in one or more of the following  sets:
  a. Java, JavaME
  b. Windows system level programming (C/C++)
  c. x86 ASM and OS concepts
  d. ARM ASM and embedded OS concepts
  e. AJAX, Javascript, PHP
• Demonstrated analytical and creative problem solving abilities
• Strong written and verbal communication skills including the ability to convey highly technical information in an accessible manner
• The ability to work with minimal supervision as part of a multi-disciplinary team
• Possess a strong work ethic and desire to get the job done
• Bachelor Degree, Masters Degree or equivalent in a Computer Science/Engineering related field
ADDITIONAL ASSETS
• Product and network penetration testing
• Application security configuration and best practices
• Automated code analysis for security issues (static analysis in particular)
• Database security
• Wireless communications security  (802.11, Bluetooth, cellular data etc)
• Voice over IP (VOIP) security
• Analyzing malware
• Experience with digital hardware engineering, test and debugging