Product Security Analyst
About Huawei and the Cyber Security Evaluation Centre:
Huawei is the largest telecommunications equipment manufacturer in the world. At Huawei, we develop world-leading enterprise, carrier and consumer devices and sell to 45 of the top 50 operators world-wide including leading UK providers. Products range from the latest Android smart phones and dongles through to large core network telecommunications solutions.
Huawei have established a Cyber Security Evaluation Centre in the historic market town of Banbury, Oxfordshire with a team of highly-skilled security analysts seeking to improve the overall security of Huawei core telecommunications products. The Huawei Cyber Security Evaluation Centre is currently seeking talented security professionals to join a growing team of Product Security Analysts. Positions range from Graduate to Export level in this discipline.
About the Job:
Working in small multi-disciplined teams, you will set about the vulnerability assessment and penetration testing of Huawei core telecommunications products which typically run on real-time platforms with a variety of different architectures. Activities include:
- Hands-on Black Box and White Box penetration testing
- Increasing Testing Efficiency through automating tools and procedures
- Running state-of-the-art security and vulnerability assessment tools
- Networking (all levels of OSI 7-layer model)
- Use of Security Tools including Nmap, Nessus, OpenVAS, Qualys, Codenomicon Defensics and an understanding of their limitations
- Experience in working with non-Windows platforms
- Technical presentation/writing skills
- Scripting/programming skills in Python/Perl/bash
- Vulnerability Assessment
- Programming skills in C, C++ and Java
- Static analysis including usage of tools such as Coverity
- Telecommunications experience (protocols and topologies)
- One or more of CEH, OWASP, GIAC or OSCP certifications
- Embedded systems design, development or testing
What you get in return:
- Competitive salary and benefits
- Being part of a growing team of security professionals in a dynamic environment
- A commitment to your continued professional development through training, conference attendance and attaining relevant certifications.
Given the unique nature of the cyber security challenge all applicants must be able to obtain UK security clearance (DV).