Share this Job

Security Consultant / Software Engineer - Bangalore/Pune

Date:  Nov 23, 2021

Bangalore, IN

Requisition ID:  30858

About Avaya

Businesses are built by the experiences they provide, and every day millions of those experiences are delivered by Avaya Holdings Corp. (NYSE: AVYA). Avaya is shaping what's next for the future of work, with innovation and partnerships that deliver game-changing business benefits. Our cloud communications solutions and multi-cloud application ecosystem power personalized, intelligent, and effortless customer and employee experiences to help achieve strategic ambitions and desired outcomes. Together, we are committed to help grow your business by delivering Experiences that Matter. Learn more at www.avaya.com.

About The Opportunity

Avaya is seeking an experienced security professional to join the Product Security Support Team-PSST, and larger Solution Architecture group reporting into the Office of the CTO. 
To be successful in this role the candidate must have hands-on experience and a proven record conducting security vulnerability testing and assessment, embrace continual learning, be willing to mentor and share ones’ security knowledge with PSST/Solutions Architecture team members, work on multiple projects simultaneously, effectively engage and consult with a diverse group of internal (e.g. Dev, Test, OPS, IT/Corporate Security, Professional Services, Product Management, Sales, etc.) and external (e.g. Avaya Customers, Business Partners, 3rd-party SaaS/OEM/Resellers, External Security Researchers, etc.) stakeholders, and establish oneself as a recognized thought leader among within the Avaya community.

About The Responsibilities

Primary Skillset/Role:

•Vulnerability Threat Management (VTM): 
oOversight of Avaya’s VTM policies, system/database, interact with product teams towards tracking/resolving product vulnerabilities, and creation of Avaya Security Advisories-ASA’s (posted at https://support.avaya.com/security)
oServe as a member of Avaya’s CVE Numbering Authority-CNA and manage the securityalerts@avaya.com mailbox which serves as a primary point of contact for External Security Researchers. Interface with Avaya product teams, Legal, PR/Communications, upper management, etc. as required.

•Internally focused Security Consulting: 
oAuthor of and/or Contributor to Avaya’s Security-related Engineering Criteria requirements.
oAvaya-internal-only consulting with respective Offer teams during the Avaya Product/Solution/Cloud Offer development process. 
oActive membership in Avaya’s Solutions Architecture/SOLSARCH, Security Council, Cybersecurity VT, and Avaya’s Incident Response Team

About The Requirements


•5+ years of security experience
•At least 3 years of experience spanning vulnerability assessment, security consulting, hardening, compliance, and operational security support
•Experience collaborating with internal teams and/or auditors on gathering evidence associated with compliance engagements e.g. Avaya Corporate requirements, PCI DSS, HIPAA, HITRUST, FedRAMP Attestation of Compliance-AOCs


•Experience with Linux, Windows OS, database platforms and 3rd-party Open Source Software
•Working knowledge of security assessment, penetration testing and associated open-source and commercial security tools (e.g. Qualys, Automated and Manual Web App scanners and proxies, API/protocol fuzzers, container and database scanners, Metasploit, Cloud-native security tools, etc.)
•Ability to create customized scripts (e.g. via Python, Perl, Ruby), Proof of Concept exploits and/or verify the same reported by external security researchers
•High-tech product software/firmware support experience. In-depth problem-solving skills with demonstrated ability to isolate problems to specific software/firmware components
•Demonstrated teamwork experience and desire to work in a fast-paced security consulting role 
•Excellent oral and written communication skills are needed to provide detailed technical analysis tailored to Avaya-internal as well as external customers 


5+ Years of Experience


Bachelor degree or equivalent experience
Master degree or equivalent experience

Preferred Certifications


Avaya is an Equal Opportunity employer and a U.S. Federal Contractor. Our commitment to equality is a core value of Avaya. All qualified applicants and employees receive equal treatment without consideration for race, religion, sex, age, sexual orientation, gender identity, national origin, disability, status as a protected veteran or any other protected characteristic. In general, positions at Avaya require the ability to communicate and use office technology effectively. Physical requirements may vary by assigned work location. This job brief/description is subject to change. Nothing in this job description restricts Avaya right to alter the duties and responsibilities of this position at any time for any reason. You may also review the Avaya Global Privacy Policy (accessible at https://www.avaya.com/en/privacy/policy/) and applicable Privacy Statement relevant to this job posting (accessible at https://www.avaya.com/en/documents/info-applicants.pdf).