Security Research Student – Compliance Programs – 4 or 8 Month Fall Term
City : Waterloo
Category : Software & Systems
Industry : IT
Employer : BlackBerry
Worker Sub-Type:
Student (Fixed Term)Job Description:
Today, BlackBerry® is a transformed company. We’re no longer about the smartphone, what we once did for smartphones is what we’re now doing for Enterprise of Things (EoT) – envisioning, enabling and securing new forms of communication that are connecting the business world in extraordinary new ways. We have the most complete and advanced end-to-end solutions to enable EoT, and our ideas lead the way in the hottest markets like cybersecurity, SaaS, neural networks and autonomous vehicles.
Today our software is trusted by the world’s most important organizations, including all of the G7, 16 of the G20, NATO, financial firms, healthcare providers and educational institutions. BlackBerry technology is further embedded in millions of ‘things.’ You can find BlackBerry in smart watches, medical devices, cars, trains, robots, smart meters, TV broadcast equipment, wind turbines, hydroelectric plants, pilot training simulators, mail-sorting machines and, of course, tablets and smartphones just to name a few.
Position Summary
Are you looking to learn like never before in a co-op position? Are you excited about software security? The Security Research Group might be looking for you. The Security Research Group:
- Creates and documents security control remediation and mitigation in Governance, Risk and Compliance tools and relevant documentation.
- Provides security guidance and requirements to enable secure software development best practices.
- Evaluates, and uses tools to find new and known security vulnerabilities in software.
You’d work with a geographically distributed team of experts in software security. We are looking for motivated individuals who are up for the challenge of breaking the security of BlackBerry products. We are also looking for candidates who are interested in researching new and exciting advancements to the field of software security. On the job security mentorship training will be provided.
Interest and a desire to learn is paramount for a position as a security research assistant. Previous knowledge in computer security is very beneficial, but not required.
Location: Waterloo or Ottawa, ON
Length of Term: 4 or 8 months
What you will do
The successful candidate will be involved in one or more of the following research and development projects for their term:
- Supports governance & compliance activities for the Secure Software Development Lifecycle and compliance frameworks, including leveraging Governance, Risk and Compliance (GRC) platforms to help automate providing security requirements and assessing compliance status.
- Integration of GRC and software testing security tools (both in-house and commercial) and Defect Management tools (such as Jira) with GRC tools and security reporting dashboards.
- Developing reports and dashboards in tools such as Power BI.
Alongside the project above, you will also be responsible for:
- Collecting, evaluating, documenting, and presenting on the project you are involved with
- Developing your own software security, risk and compliance expertise through the available mentorship program
Who we are looking for
- Currently enrolled in a post-secondary program in Computer Science, Software Engineering, Cyber Security, Software Security or related field of study
- Knowledge of Python or other scripting language or experience with integration of tools leveraging API's
- A strong desire to learn, demonstrated through personal projects or self-directed learning.
- Background in at least two of the following skill sets:
- Governance, Risk and Compliance or Audit experience for either Cyber or Application Security. Leveraging tools and systems for gathering, assessing and managing risks.
- Cloud technologies such as Kubernetes, Docker containers, Infrastructure-as-Code, AWS, Azure.
- Python automation of security tools.
- Automated web security testing frameworks.
- Strong analytical and problem-solving skills demonstrated through past experience.
- Strong written and verbal communication skills; being able to convey highly technical information in a succinct and accurate way.
- Ability to innovate; to brainstorm, research, design, and implement extensions, improvements, or alternatives to a base concept.
- Ability to integrate into a multi-disciplinary physically distributed team.
Above and beyond
- Proven ability to hack software, discover flaws, and suggest improvements, demonstrated through activities such as CTFs
- Expertise in multiple technical areas or on large software development projects
- Software penetration testing
Student Life at Blackberry
- Growth Mindset: employees have access to skills training and professional development courses, mentorship programs as well as unlimited access to our on-demand learning platform.
- Commitment to Wellness: employees have access to events that support physical, mental and financial wellness. We host wellness sessions, fitness courses, discounts to local gyms and offer a 24/7 Employee Assistant Program (EAP).
- Highly collaborative teams and a supportive workplace environment, with organization-wide events and a student social committee.
- Employee Perks: we have snack and beverage programs at all locations. Students also have access to discounts for local stores, transportation, restaurants and activities.
See more about the student program at BlackBerry over on our Instagram @BlackBerryStudentLife
Scheduled Weekly Hours:
40