What are the responsibilities and job description for the Cybersecurity Solutions Expert position at UL Solutions?
About the Role
We are seeking an experienced Senior Security Analyst to join our team at UL Solutions. As a key member of our security team, you will be responsible for driving upgrades to our technical requirements, programs, and processes to maintain our position as a leading provider of cybersecurity services.
Your expertise in conducting advanced penetration tests, hacking, and identifying issues in embedded products and software will be essential in helping us achieve our goals. You will also be responsible for collaborating with the Software & Security team to provide upgrades to UL's and industry technical requirements on security requirements along with other standard bodies.
Key Responsibilities
- Conduct security tests using automated tools, ad-hoc tools, and manual testing.
- Conduct penetration testing against different technological domains, including web products, hardware products, wireless products, software, cloud-based software, and smart device applications.
- Assess and calculate risk based on vulnerabilities and exposures discovered during testing.
- Create required information security documentation, technical reports, and formal papers on test findings and complete requests in accordance with requirements.
- Handle and complete customer projects to defined requirements in the timeframe required by customers with the highest quality and integrity of work.
- Meet and exceed customer expectations with projects and other related tests and activities.
Requirements
- University Degree (Equivalent to a Master's degree) in Computer Science or a related discipline plus generally four years' experience in cybersecurity, software development, or ethical hacking.
- Experience installing and using various OS distributions and application packages.
- Hands-on experience with commercial, open-source, and free security solutions such as AppScan, Fortify, Maltego, Kali Linux, Nessus, OpenVAS, Qualys, Core Impact Pro, MetaSploit, nmap, nessus, ettercap, static source code analysis tools, fuzzing tools, dynamic binary testing tools.
- Understanding of security issues on various operating systems, open-source web and database platforms.
- Experience scripting in one or more of the following languages: sh, csh, perl, python, awk, ruby, and programming experience in C, C , Java.
- Security-related certifications a plus: CISSP, CISA, CEH, GIAC.
- Strong expertise in testing in two or more of the following domains: Embedded software, embedded security, industrial control systems / SCADA, medical devices, telecom and networking equipment.
