Senior Product Security Tester  

Who We Are

Lightship Security is an IT Security Testing lab. We test market leading products against IT security standards and we do it twice as fast as any of our competitors, using our Greenlight testing platform. We are an innovative, passionate and growing team working with clients around the world. Canadian Business Startup 50 recognized Lightship Security is one of Canada’s Top New Growth Companies in 2019. We are committed to creating real world value through continued innovation in this field. Headquartered in Ottawa, Canada – we are expanding to Austin, Texas to meet the growing demands of our customers and the market.

Do you share our values?

  1. We solve problems for our clients
  2. We work hard with integrity
  3. We are technical experts
  4. We value family
  5. We have fun

Who We Want

We’re looking for a Senior Product Security Tester to join our team in our newly established lab in Austin, TX. Working with leading edge security technology vendors from around the world to perform conformance testing to various IT security Standards such as FIPS 140-2 and Common Criteria. Sound good? Here’s a little more about the job.

  • Lead projects in the review, consultation and assessment of products against international standards such as Common Criteria and FIPS 140-2 as well as against custom security requirements.
  • Lead workshops with customers, consultation and assessment of a product’s security architecture, constructing standards-based documentation such as a Security Target, analysis and assessment of system entropy quality, construction and/or execution of a standards-based test plan using Lightship’s Conformance Automation Platform tool, vulnerability analysis and penetration testing.
  • Interface with customers to provide them with sound technical consulting and support during the testing process.

Requirements

As the ideal candidate, you have:

  • Minimum of 5 years experience performing IT security product testing or experience in security product hardware/software design; or must have a minimum of 7 years experience working in IT security;
  • Strong knowledge of networking technologies, protocols and information delivery such as: TCP/IP, SSL/TLS, SSH and HTTP;
  • Demonstrative experience with programming and scripting languages such as: Python, Bash and C;
  • Demonstrative experience using Linux and Windows operating systems;
  • Demonstrative experience with virtualization technologies, such as hypervisors and software-defined networking;
  • Experience with vulnerability analysis and penetration testing of both hardware and software targets;
  • Knowledge of fundamental cryptographic concepts and leading cryptographic algorithms;
  • A University degree or college diploma in a technical field is required;
  • Minimum 2 years experience in a customer-facing technical role;
  • Ability to manage concurrent projects;
  • Excellent communication skills: ability to express requirements in technical and non-technical terms to customers, peers, and management; must be able to prepare consistent and quality reports for consumption by critical customers;
  • A proven ability to work independently; and
  • Possess creative and critical thinking skills.
  • Able and willing to travel internationally <20% and hold a valid passport.
  • All candidates must be eligible for a Government Security Clearance (Canadian and USA)
  • All candidates must have a valid work permit in the USA.

Bonus, but not required:

  • Knowledge of FIPS 140-2, Common Criteria, and other related standards are an asset.
  • Knowledge and experience using X.509 PKI and cryptographic libraries are an asset.

This position is located in Austin, TX and well suited to a Tester/Evaluator looking for an opportunity to join an industry leading team on a considerable growth journey.

Ready to Apply?

Please send us your resume and tell us a little about yourself and why this position is of interest to you.

apply@janehillconsulting.com

Only those selected for an interview will be contacted. No agents, please.