Lead Security Engineer - Remote

Crestron is in need of an additional Lead Security Engineer to help existing security team members improve and maintain security posture across all eight cloud-based services. A lead security engineer is required to identify, define and implement mechanisms to protect against cyberattacks on critical cloud-based resources that may be subjected to highly probable attacks due to their public network connectivity.

Job Requirements:
  • Audit Crestron products and customer-facing cloud infrastructures to identify vulnerabilities, risks and application of standard practices for hardening
  • Understand Features, participate in Security Requirement reviews and derive Threat Models
  • Write Security Test Plans based on the Threat Models
  • Develop automation scripts to automate mundane security testing
  • Conduct manual penetration testing of devices, Web APIs and endpoints based on defined test plan
  • Identify, record, document product vulnerabilities and escalate their severity based on impact to product security
  • Perform limited security code review of cloud based solutions and products released at Crestron
  • Research platform-specific vulnerabilities (Android, Linux libraries), keep abreast of CVEs and report them to internal stakeholders
  • Create security documents, design standard operating procedures, report findings and track them to closure by working with related stakeholders
  • Present security reports to senior management post completion of security audits
  • Suggest/Recommend improvement in existing deployment guides
  • Adjust to rapidly changing requirements and timelines
  • Track record of completing assignments on time with a high degree of quality


  • Minimum Bachelor’s degree in Engineering. (Preferably in Electronics & Communications)
  • Minimum 10 years of experience spanning across technical, network and security architecture.
  • Experience or knowledge in cloud security architecture, secure configurations, shared responsibility models on Azure. Added advantage if candidate has experience in Azure Security Center
  • Good understanding of network protocols - TCP/IP, ICMP, HTTP
  • Good understanding of cryptographic protocols - SSL/TLS and cipher implementation
  • Good understanding of *Nix Platforms
  • Good understanding of shell scripts, C/C++ and .NET based programs
  • Proficiency in conducting manual/expert security code reviews in .NET, C/C++, Python
  • Proficiency in Network Penetration Testing and Application Security Testing
  • Solid Experience in Web Application Penetration Testing including SOAP/REST APIs
  • Knowledge of DevOps ecosystem: CI, CD tools, orchestration tools
  • Knowledge of all components of a SaaS Multi-tenant product architecture.
  • Knowledge of industry standards and compliance frameworks: CIS, NIST, FedRAMP
  • Experience in at least 1 of the Static Code Scanning Tools like Fortify, Coverity, Checkmarx.
  • Experience with Dynamic Scanning Tools like IBM AppScan, Burp Suite, Acunetix
  • Knowledge of AngularJS, MVC/MVVM Framework
  • Knowledge of Programming Languages - Python/PowerShell, .NET/Java, C, C++
Full time
Atlanta, GA 30383, US