RedHat Product Security Engineer in Raleigh, North Carolina
The Red Hat Product Security team is looking for a Product Security Engineer with focus on Single Sign On (SSO) to join us in the United States. In this role, you will work closely with product engineering teams to find and remediate security issues in Red Hat’s online services, primarily SSO, question the security assumptions, and apply your understanding of the attack surface. You will collaborate with security engineers to verify threat models and to address security issues in existing and upcoming offerings. Your work will be essential to the success and growth of our solutions portfolio by ensuring consistent security standards and verification of the same through rapid vulnerability response, auditing, and providing security advice through all stages of software development.
Primary job responsibilities
Receive reports of new security issues and respond by analyzing them in the context of supported services
Provide detailed, quality research and make decisions around patching or mitigating for the impacted service
Work closely with engineering teams developing new services and provide security review of the architecture, components, and deployment of the service
Work closely with the Product Security Incident Response team (PSIRT), analyzing vulnerabilities in our offerings
Communicate quickly and effectively with engineers, various stakeholders, and customers about security issues
Write technical documentation on security issues, including mitigations and fixes, in a clear and easy-to-understand manner
Work to understand current and emerging threats in the enterprise offerings and services space
2+ years of practical vulnerability response and research experience
Demonstrated good understanding of current security technologies
Solid experience with and proficiency in the Linux operating system on the power user level
Experience with container based platforms like Red Hat OpenShift, Kubernetes, Docker, etc.
Ability to work in a fast-paced environment with diverse teams distributed across the globe
Fluent written and verbal communication skills in English
Organized with analytical thinking skills and the ability to quickly learn new technologies
Programming experience in Java; proficiency in multiple languages like Python, Go, or Ruby, meaning the ability to read the code
The following are considered a plus:
Prior knowledge of Red Hat OpenShift Container Platform
Experience with reverse engineering and security research using IDA Pro or equivalent disassembly tools
Familiarity with open source software
Experience with SecDevOps or DevSecOps and rapid deployment of web applications
Experience auditing and pen testing web applications
About Red Hat
Red Hat (https://www.redhat.com/) is the world’s leading provider of enterpriseopen source (https://www.redhat.com/en/about/open-source) software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Comprehensive medical, dental, and vision coverage
Flexible Spending Account - healthcare and dependent care
Health Savings Account - high deductible medical plan
Retirement 401(k) with employer match
Paid time off and holidays
Paid parental leave plans for all new parents
Leave benefits including disability, paid family medical leave, and paid military leave
Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!
Note : These benefits are only applicable to full time, permanent associates at Red Hat located in the United States.
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, uniformed services, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.
Posting Location : Location Raleigh
Posting date 6 days ago (4/8/2021 5:31 AM)
Job ID 85934
Category Software Engineering, Solution Architecture, Systems Engineering