Apply on Employer Site

TP-Link Systems Inc. · 1 day ago

Software Security Analyst

Irvine, CA

Full-time

Onsite

Mid, Senior Level

$100K/yr - $140K/yr

5+ years exp

TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, dedicated to enhancing connectivity for users worldwide. They are seeking a Software Security Analyst to review and analyze source code for security vulnerabilities, ensuring compliance with coding standards and improving application security.

ElectronicsHardwareHealth CareInternetSoftware

No H1B

Responsibilities

Conduct thorough audits of source code to identify vulnerabilities, security weaknesses, and coding inefficiencies

Review and analyze code across a variety of programming languages and frameworks, including but not limited to Python, Java, C++, JavaScript, Swift and Kotlin

Develop and maintain code auditing standards, processes, and tools to ensure consistent and high-quality reviews

Collaborate with development teams to provide feedback and guidance on secure coding practices and remediation strategies

Prepare detailed audit reports that outline findings, risks, and recommendations for improving code security and quality

Stay up to date with the latest security threats, coding standards, and best practices to continuously improve audit processes

Mentor junior auditors and provide guidance on auditing techniques, tools, and best practices

Work with cross-functional teams to integrate security practices into the software development lifecycle (SDLC)

Assist in developing and conducting security training and awareness programs for development teams

Qualification

Source code auditingSecure coding principlesAutomated code review toolsProgramming languagesApplication securityAnalytical skillsCertificationsCommunication skillsMentoringProblem-solving

Required

Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience

5+ years of experience in source code auditing, software development, or application security

Strong understanding of secure coding principles, software vulnerabilities, and common attack vectors (e.g., SQL injection, cross-site scripting, buffer overflow)

Proficiency in multiple programming languages and familiarity with a variety of development frameworks and environments

Experience with automated code review tools (e.g., SonarQube, Coverity, Checkmarx, Veracode) and manual code review techniques

Excellent analytical and problem-solving skills with a keen eye for detail

Strong communication skills, with the ability to explain complex technical concepts to non-technical stakeholders

Preferred

Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP) are a plus