M+E Technology Job Board
Engineering Manager, Cloud Security
Aspera
Aspera, an IBM company, is the creator of next-generation transport technologies that move the world’s data at maximum speed regardless of file size, transfer distance and network conditions. Based on its patented, Emmy award-winning FASP protocol, Aspera software fully utilizes existing infrastructures to deliver the fastest, most predictable file-transfer experience. Aspera’s core technology delivers unprecedented control over bandwidth, complete security and uncompromising reliability. Organizations across a variety of industries on six continents rely on Aspera software for the business-critical transport of their digital assets.
High-profile users include James Cameron’s Lightstorm Entertainment who relied on Aspera software for moving massive visual effects files across continents during the production of Avatar, Netflix who receive all their video content directly to their cloud infrastructure via Aspera On Demand and BGI, the world’s largest genome research organization where Aspera solutions are used to enable global collaboration between scientists across the globe.
We are seeking a hands-on Senior level contributor to partner with our DevOps, Architecture, and Engineering teams to ensure Aspera continues to incorporate exceptional security measures and features within its offerings.
In our high performance culture you will continuously release products while delivering the best quality and security. The ideal candidate for this position has exceptional technical skills and is highly knowledgeable in application and operations security. You will be responsible for the architecture, design, and coding of the security framework for our multi-tiered distributed software system that span from communication protocols, to back-ends, to the web application front end.
Responsibilities:
- Focus on defining and enhancing current security programs and quality programs
- Develop an analysis framework for vulnerabilities
- Coding the security framework components
- Develop patches and new security features to help mitigate security flaws
- Coordinate activities during the deployment of security-relevant features
- Perform security code audits and design reviews
- Architect, design, and code Aspera’s end-to-end security framework
- Threat and vulnerability analysis
- Code analysis
- Penetration-testing (coordination and evaluation)
- Ability to deliver results quickly and efficiently with iterative approaches
Requirements:
- Bachelor’s degree in computer science, electrical engineering, information systems or related discipline is required; Master’s degree a plus
- Strong software development background: C/C++, Ruby and systems programming
- Expert knowledge of applied cryptography and software security
- Ultra familiarity with common software security threats, CWE
- Expert knowledge of applied cryptography and software security
- Proven record – contribution or ownership of security framework design and implementation for large scale software systems
- Authentication and distributed authorization frameworks (SAML, OpenID, OAuth(2))
- Code analysis and scanning tools and processes
- Secure communication protocols, data protection, secure interaction with authentication and authorizations systems, and cloud services (particularly cloud storage)
- Tools and processes for penetration test and vulnerability assessment for distributed software systems including web applications front end, back end
Aspera
Aspera, an IBM company, is the creator of next-generation transport technologies that move the world’s data at maximum speed regardless of file size, transfer distance and network conditions. Based on its patented, Emmy award-winning FASP protocol, Aspera software fully utilizes existing infrastructures to deliver the fastest, most predictable file-transfer experience. Aspera’s core technology delivers unprecedented control over bandwidth, complete security and uncompromising reliability. Organizations across a variety of industries on six continents rely on Aspera software for the business-critical transport of their digital assets.
High-profile users include James Cameron’s Lightstorm Entertainment who relied on Aspera software for moving massive visual effects files across continents during the production of Avatar, Netflix who receive all their video content directly to their cloud infrastructure via Aspera On Demand and BGI, the world’s largest genome research organization where Aspera solutions are used to enable global collaboration between scientists across the globe.
We are seeking a hands-on Senior level contributor to partner with our DevOps, Architecture, and Engineering teams to ensure Aspera continues to incorporate exceptional security measures and features within its offerings.
In our high performance culture you will continuously release products while delivering the best quality and security. The ideal candidate for this position has exceptional technical skills and is highly knowledgeable in application and operations security. You will be responsible for the architecture, design, and coding of the security framework for our multi-tiered distributed software system that span from communication protocols, to back-ends, to the web application front end.
Responsibilities:
- Focus on defining and enhancing current security programs and quality programs
- Develop an analysis framework for vulnerabilities
- Coding the security framework components
- Develop patches and new security features to help mitigate security flaws
- Coordinate activities during the deployment of security-relevant features
- Perform security code audits and design reviews
- Architect, design, and code Aspera’s end-to-end security framework
- Threat and vulnerability analysis
- Code analysis
- Penetration-testing (coordination and evaluation)
- Ability to deliver results quickly and efficiently with iterative approaches
Requirements:
- Bachelor’s degree in computer science, electrical engineering, information systems or related discipline is required; Master’s degree a plus
- Strong software development background: C/C++, Ruby and systems programming
- Expert knowledge of applied cryptography and software security
- Ultra familiarity with common software security threats, CWE
- Expert knowledge of applied cryptography and software security
- Proven record – contribution or ownership of security framework design and implementation for large scale software systems
- Authentication and distributed authorization frameworks (SAML, OpenID, OAuth(2))
- Code analysis and scanning tools and processes
- Secure communication protocols, data protection, secure interaction with authentication and authorizations systems, and cloud services (particularly cloud storage)
- Tools and processes for penetration test and vulnerability assessment for distributed software systems including web applications front end, back end