About Us

Ribbon Communications (Nasdaq: RBBN) delivers communications software, IP and optical networking solutions to service providers, enterprises and critical infrastructure sectors globally. We engage deeply with our customers, helping them modernize their networks for improved competitive positioning and business outcomes in today's smart, always-on and data-hungry world. Our innovative, end-to-end solutions portfolio delivers unparalleled scale, performance, and agility, including core to edge software-centric solutions, cloud-native offers, leading-edge security and analytics tools, along with IP and optical networking solutions for 5G.

https://ribboncommunications.com/

Job description:

We are recruiting for a security expert to join our security team and help us ensure the highest level of security for our products and services. As a security expert, you will work closely with product development teams (H/W & S/W), assess security risks, recommend security solutions, and support customer facing teams with security related customer engagements. You will also monitor and report on security incidents, vulnerabilities, and compliance issues.

Responsibilities

• Provide technical support to product development teams on security best practices, standards, and guidelines, and act as a security consultant to assist as required
• Support the product teams with technical risk assessments and resolution of vulnerabilities and security issues
• Work with the product teams to ensure they comply with the Ribbon product security posture.
  • Review and approve security plans each release
  • Conduct threat modeling
  • Conduct security audits and review artifact (scans, defects, pen test reports) to ensure severity and risks are well managed
  • Provide support with security testing and act as consultant to the security test teams
• Support customer facings teams with RFPs, audits, customer requests such as security questionnaires, contract renewals, analysis of customer reported security findings
• Provide support for customer security reviews and deep dives
• Assess security risks and recommend security solutions for new and existing products and services
• Research and stay current on the latest security trends, threats, and technologies

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field
• At least 5 years of experience in security-related roles, such as security analyst, security engineer, or security consultant
• Strong knowledge of security frameworks, standards, and best practices, such as ISO 27001, NIST, CIS, OWASP.
• Strong knowledge of security protocols, PKI/X.509, Identity Management and centralized authentication (e.g. Radius, LDAP, TACACS+, SAML, OAuth, OpenID), Linux and OS hardening.
• Experience or familiarity with virtualized and cloud-based software architectures, including Virtualized Network Functions, Cloud-Native Network Functions, DevOps/DevSecOps methodologies, Public Clouds
• Experience with security testing and assessment methods, such as penetration testing, vulnerability scanning, risk analysis, etc.
• Experience or familiarity with threat modeling and methodologies (e.g. STRIDE, OCTAVE, PASTA, VAST, Attack Trees, etc.)
• Excellent communication and presentation skills, both written and verbal
• Ability to work independently and collaboratively with cross-functional teams from across the globe.
• Certifications such as CISSP, CISM, CEH, or OSCP are a plus

Please Note:

'All qualified applicants will receive consideration for employment without regard to race, age, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, on the basis of disability, or other characteristic protected by applicable law.'