Principal Security Engineer, Open Internet Tools Project
New America Foundation - Washington, DC

This job posting is no longer available on New America Foundation. Find similar jobs:Principal Security Engineer jobs - New America Foundation jobs

The Open Technology Institute and the Open Internet Tools Project is searching for a part-time Principal Security Engineer to work on a new project to peer review and code auditing of open source circumvention tools. RESPONSIBILITIES Develop adversary models and modeling methodologies. Develop threat models and threat modeling methodologies (for both desktop and mobile applications). Develop and evaluate security standard frameworks for open source applications.

Responsibilities may also include creating the structure of and selecting and managing security audit teams, coordinating audits, and interfacing with project teams. QUALIFICATIONS The ideal candidate will have the following qualifications: A minimum of eight years of consulting experience in formal threat modeling and code review of enterprise-scale applications. Experience developing formal threat modeling processes, methodologies, and tools for use in a consulting context. Experience developing and evaluating cryptographic protocols.

Significant familiarity with the liberation technology community. Working knowledge of tools and protocols commonly used within the liberation technology community, including Tor, GPG, OTR, SSL, ZRTP, etc. Significant experience in process improvement initiatives for the integration of security into development lifecycles, including process improvement in the context of Agile lifecycles. On-going contribution to open source projects, familiarity with the open source/free software community and working culture, and experience as an adviser to volunteer projects.

Experience with high-level technology policy development, for both enterprise and government contexts, as well as technology-law framework development. Engagement with the larger social implications of network organizational structures, including the interactions between security, privacy, surveillance, and social organization. Direct experience training activists, journalists, or dissidents in operational security practices, along with more general experience developing security training material, for both users and developers. Experience managing professional security assessment teams and in determining how to structure teams and team activities.

Applicants should be willing to travel at length for this position. APPLICATION PROCESS To apply, please submit a cover letter and resume. Please no emails or phone calls. Generous salary package commensurate with experience; excellent benefits.

The New America Foundation is an equal opportunity employer.