Software Engineer (CA)
Do you want to help eliminate barriers between ideas and business outcomes? We want you to bring your unique experiences and creative ideas to the table. CA Technologies provides software and solutions that help our customers to develop, manage, and secure complex IT environments to increase productivity and enhance competitiveness in their businesses. It's our aim to encourage global collaboration and results-oriented innovation, while supporting and developing our talented people and our communities. CA Technologies will empower you to drive authentic success, for both the business and yourself in the application economy.
- Conduct security assessments like penetration tests, architectural risk analysis or code review for various CA products. Must be able to perform assessment both manually and with the assistance of automated tools, in order to ensure applications, systems, and networks are not susceptible to known attack vectors.
- Analyze the results of vulnerability assessments and code reviews, write reports based on that analysis, and advise product team of vulnerabilities, risk and mitigation.
- Support the routine vulnerability assessment and consulting assignments
- Stay informed about the latest developments in the information security field, including new products and services, through on-line news services, technical magazines, professional associations, industry conferences, training seminars, and other information sources.
- Support departmental and organizational activities, goals and objectives as required.
Desired Skills and Experience
- At least 2-5 years of experience in conducting vulnerability assessments, code reviews and penetration tests against web application technologies, services, platforms and languages to find flaws and exploits (e.g., Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery, Authentication / Authorization and Business Logic Bypass, OWASP Top 10, CWE/SANS top 25, PCI, etc.)
- Secure software development experience and/or training and knowledge of SDLC methodologies
- Experience with vulnerability assessment tools and penetration testing techniques. (e.g., web application scanners, static source code analyzers, web application proxies, infrastructure / network vulnerability scanners, packet capture and analysis software, network mapping and port scanners, exploit automation platforms, OWASP, OSSTM, WASC, website configuration best practices, etc.)
- Knowledge of vulnerabilities in various operating systems, databases, and networks, in relation to hardening, configuration, deployment, and administration
- Excellent written and oral communication skills, including the ability to compose concise and accurate assessment and audit reports while being able to explain attacks and root cause of vulnerabilities to technical staff and upper management
- Actively contribute within a team of security professionals, as well as the capability to work independently with limited direction
- Must have the inquisitiveness to try out and explore new areas in application security or security in general
- Last but not the least, must be able to distinguish between o and 0.
- Required: Bachelor's, Degree
- Preference given to candidates with applicable certifications from organizations such as EC-Council, SANS, ISACA, ISC(2), PCI, etc.
- Minimum 2+ years of experience in penetration testing (tools experience like IBM Appscan, BurpSuite, Web inspect etc),
- Source code analysis (tools like fortify),
- Threat modelling,
- Deep knowledge on OWASP Top 10.
- Proficiency in any of the programming languages (Python, Java, C, C++)
- Prior Development experience is added advantage.
- Certifications: CEH, OSCP etc
If you want to fulfill your potential, be acknowledged for your achievements, and be given autonomy to make decisions for your business and customers; if you want to work with a company that respects you as an individual - recognizing both your needs at work and your responsibilities outside of it - then CA Technologies is where you belong. At CA Technologies your passion and expertise can directly impact the business and you'll help offer our customers practical approaches to delivering new, innovative services and value through IT.
Learn more about CA Technologies and this opportunity now at http://ca.com/careers
Note to Recruiters and Placement Agencies: We do not accept unsolicited agency resumes. Please do not forward unsolicited agency resumes to our website or to any of our employee. We will not pay fees to any third party agency or firm and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes received will be considered our property and will be processed accordingly.
Meet Some of CA Technologies's Employees
Director of User Experience
Tania oversees the ongoing development of CA’s Agile Management Business Unit and the customer-centered user experience of its products.
Back to top