Toshiba Global Commerce Solutions is seeking a Cybersecurity Engineer to join a high performing team developing and deploying software solutions for the Retail industry. In this role, the engineer will be responsible for participating as a member of Toshiba Product Security team. The Cybersecurity Engineer will be assisting security architects, software developers, and cloud ops engineers in day-to-day activities, as well as helping automate repeatable security processes. This includes integration of the security tools with other systems. They will help with the implementation and updating of security tooling. Responsibilities also include evaluation of the vulnerability scan and risk assessment reports on completeness. Assist with the security architecture reviews and documenting security issues. Research information security topics, tools, techniques, and threats as directed. Work on the documentation of the information security processes under general direction. Perform other related duties as required or assigned. Monitor existing tickets and assist with the resolution. Know how to find answers. Understand available tools and resources to determine correct answers to security issues.
- Computer Science/Software Engineering/Cybersecurity degree or equivalent combination of education, professional certifications, and work experience in information security area.
- Understanding of information security principles and trends.
- Knowledge of cybersecurity methodologies, standards, and tools.
- Ability to work in a fast paced, team-based environment.
- Effective verbal and written communication; able to read, write, and speak English proficiently.
- Well-known cybersecurity certifications such as CISSP.
- Knowledge and working experience with various security testing tools (SAST, DAST, SCA).
- Experience in application security domain (such as OWASP Top. 10).
- Knowledge and experience with programming and scripting.
- Experience in cloud security.
- Automating repeatable security processes.
- Integrating security tools with other systems.
- Implementing and maintaining the Product Security tooling.
- Assisting with the security architecture reviews and documenting security issues.
- Researching information security topics, vulnerabilities, mitigation techniques, tools, and threats.
- Documenting information security policies and procedures.
- Conducting periodic access control inventories and assessments.
- Conducting security testing of applications and environments.
- Monitor existing tickets and assisting with resolution.
- Participate in the design, development, implementation, testing, and maintenance of systems supporting a variety of applications and business-critical functionality.
- Work directly within the agile development teams and stakeholders to help with existing requirements, adhere to timelines, and meet deliverables.