Mountain View, CA•April 23, 2024
Title: Web Application Security Assessment and Research Engineer
Company: Samsung Research America (SRA)
Lab: MPS/ B2B
Location: Mountain View, CA
General Description:
Samsung is constantly working to improve the usefulness and security of its mobile devices through the addition of integrated web services. These services must be founded on a strong basis of Identity and Authorization Management. Samsung is looking for candidates to help evaluate and improve the security of its next generation IAM systems, which will tie together products ranging from Find My Mobile to Samsung health, and provide users with easier ability to authenticate and delegate authority to 3rd party services.
Position Summary:
Candidates working in this position will focus on vulnerability analysis and pen testing of Samsung’s next generation Identity and authorization management service, and other integrated web services. You will analyze our distributed system’s web applications, server configurations, protocols, and cryptography using both pen testing and code review. You will have access to previous findings and system design documentation to streamline your process. Previously published research results conference, CVE, or otherwise, are encouraged.
Technical Keywords:
Exploitation, Web application security, CSRF/XSS, IAM, OAuth, OIDC, pen testing, security research, code review, network security, cryptography, protocols, OWASP top 10, authenticationResponsibilities:
Technical Background Required:
Qualifications:
Additional Information
Work Hours
Incumbent must make themselves available during core business hours.
Physical Requirements
This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms.
EEO Statement
Samsung is committed to encouraging a diverse workplace and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.
If you have a disability or special need that requires accommodation, please let us know.
All your information will be kept confidential according to EEO guidelines.