WE CREATE EMPOWERED LEADERS! At Milwaukee Tool we firmly believe that our People and our Culture are the secrets to our success -- so we give you unlimited access to everything you need to create disruptive new technologies and solutions on our ONE-KEY™ Connected Tools Team.
Our ONE-KEY™ Connected Tools Team is responsible for developing and maintaining a collaborative tool and equipment platform that helps jobs run smoother, with fewer headaches along the way. We help users track and lock tools, dial in performance, pull utilization data, and give users the ultimate control over their tools. We strive to deliver customer value, be transparent with work in all directions, embrace empowered, autonomous teams, receive, give, and ask for feedback frequently, and think with an entrepreneurial mindset.
Behind our doors you'll be empowered every day to own it, drive it, and do what it takes to develop and maintain the biggest breakthroughs in the industry. Meanwhile, you'll have the support and resources of the fastest-growing brand in the construction industry to make it happen. Learn more about ONE-KEY™ HERE.
Your Role on Our Team
As a Senior Security Engineer - Mobile, you will be directly responsible for maintaining the confidentiality, integrity, and availability of Milwaukee's One Key application. This position will provide information security direction and consultation to development teams and product engineering. You will also be involved with proactive auditing and penetration testing of systems, simulating sophisticated external and internal threats with the goal of uncovering vulnerabilities and testing defenses. You will be involved in the selection, development, deployment, monitoring, maintenance, and enhancement of security technology as well as incident investigation.
You'll be DISRUPTIVE through these duties and responsibilities:
- Manage and configure security testing tools to identify risks as early as possible in the development lifecycle.
- Work with the development teams to address risks ensuring rapid but secure development.
- Monitor and ensure security tools and processes are scalable and stable.
- Perform code reviews to ensure compliance to security policies and controls.
- Mentor development teams on secure mobile coding best practices as necessary.
- Partner with the development team to automate security testing and reduce repetitive tasks.
- Mobile application development for security improvements projects, as necessary.
- Mentorship, security best practices, reference code, libraries, proof of concepts.
- Maintain deep understanding of networking, cloud infrastructure (AWS), system hardening, secure mobile application development and BLE hardware/firmware.
- Partner with mobile developers on Red Team/Blue Team testing activities.
- Monitor, analyze and respond to security events.
- Participate in on call rotation with your team.
- Other duties and responsibilities as assigned.
The TOOLS you'll bring with you:
- Bachelor's degree in Computer Science, Information Systems, Business Administration, or another related field.
- 7or more years of hands-on experience in information security technologies such as security design review, threat modeling, risk analysis, security controls and processes such as passive network monitoring, endpoint detection and response, incident response (Managed Detection and Response), and vulnerability management.
- 2 or more years of experience with mobile applications including connectivity with Bluetooth Low Energy and associated hardware/firmware.
Other TOOLS we prefer you to have:
- Experience with cloud monitoring systems (e.g., CloudWatch, New Relic, Datadog) and audit trails (e.g., Cloud trail)
- Experience working with Agile methodologies such as Scrum or Kanban.
- Experience with Keychain, jail break/root detection and Elliptic Curve Diffie-Hellman Key Exchange.
- Familiarity with DevOps, automated testing, continuous integration/continuous deployment (CI/CD)
- Familiarity with configuration management tools.
- Strong written, verbal, analytical and interpersonal skills.
- Experience with secret management services/appliances (e.g., AWS Secrets Manager, HasiCorp Vault, CyberArk).
- Experience with application hardening solutions (e.g., Veracode, SonarQube, AWS Xray, fortify).
- Experience establishing processes and controls aligning to SOC 2 and ISO 27001 certifications
- Experience with API, Web or Cloud development.
- CISSP, CISM, CISA, CEH, GPEN, GWAPT, GCPN, GMOB, AWS Certified Solutions Architect, AWS Certified DevOps Engineer or similar security certifications.
We provide these great perks and benefits:
- Robust health, dental and vision insurance plans
- Generous 401 (K) savings plan
- Education assistance
- On-site wellness, fitness center, food, and coffee service
- And many more, check out our benefits site HERE.
Milwaukee Electric Tool Corporation ("Milwaukee Tool") is an equal opportunity and affirmative action employer seeking to employ and advance in employment qualified persons without discrimination and to not allow harassment of any employee or applicant because of race, ethnicity, color, religion, sex, sexual orientation, gender identity, genetic characteristics, physical or mental disability, national origin, age, status as a protected veteran, and any other status protected by local, state, or federal law.