Expert Security Engineer

About The Position

Requirements

• 5 years of progressive experience in cybersecurity, with a minimum of 3 years dedicated to ethical hacking, penetration testing, and application security.
• Proven expertise in ethical hacking and penetration testing methodologies, including network, web application, API, and cloud penetration testing.
• Deep understanding of application security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25).
• Expert-level proficiency with penetration testing tools.
• Strong understanding of application architecture and development.
• Demonstrated ability to independently identify, validate, and exploit security vulnerabilities with high fidelity.
• Exceptional verbal and written communication skills, with the ability to clearly articulate complex technical findings, risks, and remediation strategies to diverse audiences.
• Strong presentation skills, capable of conveying security insights and recommendations effectively to customers and internal stakeholders.
• Experience with cloud security assessments (e.g., Microsoft Azure Security).
• Familiarity with various security technologies (e.g., EDR, IDS/IPS, Firewalls, SIEM, Vulnerability Management tools) from an attacker's perspective.

Nice To Haves

• Experience with scripting languages (e.g., Python, PowerShell) for automation and custom tool development.
• Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC certifications.
• Industry-recognized certifications like CISSP, CompTIA Security+, or CySA+.
• Expert knowledge of Linux and Windows operating systems.
• Experience in security engineering, operations, and design best practices.
• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related technical field.

Responsibilities

• Lead and execute advanced penetration tests and ethical hacking engagements against Altera's critical systems, applications, and networks to identify and exploit security weaknesses.
• Conduct in-depth security reviews of applications, with a strong focus on understanding how they are built (e.g., Java-based applications) to uncover design flaws, coding vulnerabilities, and misconfigurations.
• Independently identify, analyze, and validate security vulnerabilities with high fidelity, demonstrating the ability to exploit them to assess potential impact.
• Leverage and master industry-standard penetration testing tools.
• Clearly articulate complex technical findings, security risks, and actionable remediation strategies through comprehensive written reports and compelling presentations to both technical teams and non-technical stakeholders, including customers.
• Provide expert consultation to development, operational, and other business units on secure design principles, application of security best practices, and the effective use of advanced security technologies.
• Maintain heightened awareness of current security vulnerabilities, attack vectors, and mitigation techniques, proactively communicating relevant findings and recommendations.

Benefits

• comprehensive benefit package
• additional “Perks”