Product Security Engineer -Resilient Development Position Available In [Unknown county], North Carolina

Product Security Engineer

• Resilient Development remote type
  Remote
  locations
  Remote US NC
  time type
  Full time
  posted on
  Posted 3 Days Ago
  job requisition id

R-047596

At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an stack of trusted, high-performing solutions. We offer cloud, Linux, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.
Red Hat Product Security is looking for a Product Security Engineer to join our global Resilient Development team. Red Hat’s Resilient Development Team focuses on Secure Development and improving proactively the security posture of our Product Services portfolio and their build pipelines. You will perform security architecture review security assessments of those offerings throughout their development life cycle, in collaboration with Engineering and other Product Security teams, to make sure the expectations of our Secure Software Development Framework implementation are met. This process includes analyzing and documenting architecture from a security point of view, questioning security assumptions, finding potential problems, proposing improvements, performing code reviews, defining testing expectations, and promoting secure development best practices from our offerings through to their related communities. As a Product Security Engineer, you will represent the security needs of our customers to our Engineering teams, advocating and planning for a solid foundation of security architecture across the ecosystem. Successful applicants must reside in a state where Red Hat is registered to do business.

What you will do:

Engage with engineering teams to promote security-aware development of Red Hat technologies/solutions.
Understand current and emerging threats in the enterprise product and service space.
Analyze complex software system identify potential weaknesses in their architecture.
Plan and carry out threat modeling activities, and realistic threat simulations across our offerings.
Consult with software developer product teams on improved security architecture.
Ensure that product roadmap new features mitigate risk, adhere to security policies, and provide customers with minimal security risk.
Contribute to customer facing security documentation, reference, and other data as used by the common vulnerabilitie exposures (CVE) pages.
Promote Red Hat Product Security efforts within the community and the greater public.

What you bring:

Bachelor’s degree in computer science/engineering or equivalent/relevant work experience.
Strong understanding of common security vulnerabilities, (e.g. OWASP Top Ten) including how to detect, demonstrate, mitigate and resolve them.
Good understanding of Linux security technologie product security experience; for example:

• POSIX Permissions, ACL, SELinux;
• Seccomp, Linux namespace cgroups;
• Linux administrations related to security: secure boot, TPMs, trusted execution environment, Linux boot chain, virtualization, container hypervisor security.

Experience with one or more programming languages like Go, Python, C/C++, and a willingness to learn new ones.
Knowledge and experience with modern container orchestration systems: Kubernetes, Openshift; comfortable with container technologies.
Ability to work with minimal supervision, in a fast-paced environment with a multicultural team distributed across multiple countrie time zones. Solid communication and negotiation skills. Excellent collaboration skill dedication as a teammate.
The following will be considered a plus:
Familiarity with software and as a business model.
Linux-specific and/or security-related certifications (e.g. RHCSA, RHCE, RHCA, CISSP, CISM, CSSLP, CISA, etc.)
Work experience and/or certifications with cloud provider cloud-related technologies (AWS, Azure, GCP, Tekton, Jenkins, etc.)
The salary range for this position is $105,860.00

• $169,340.

00. Actual offer will be based on your qualifications.
Pay Transparency
Red Hat determines compensation based on several factors including but not limited to job location, experience, applicable skill training, external market value, and internal pay equity. Annual salary is one component of Red Hat’s compensation package. This position may also be eligible for bonus, commission, and/or equity. For positions with Remote-US locations, the actual salary range for the position may differ based on location but will be commensurate with job dutie relevant work experience. About Red Hat
Red Hat is the world’s leading provider of enterprise software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Spread across 40+ countries, our associates work flexibly across work environments, from in-office, to office-flex, to fully remote, depending on the requirements of their role. Red Hatters are encouraged to bring their best ideas, no matter their title or tenure. We’re a leader in because of our open and inclusive environment. We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact.
Benefits

• Comprehensive medical, dental, and vision coverage
• Flexible Spending Account
• healthcare and dependent care
• Health Savings Account
• high deductible medical plan
• Retirement 401(k) with employer match
• Paid time off and holidays
• Paid parental leave plans for all new parents
• Leave benefits including disability, paid family medical leave, and paid military leave
• Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!

Note:

These benefits are only applicable to full time, permanent associates at Red Hat located in the United States. Inclusion at Red Hat
Red Hat’s culture is built on the principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone. When this is realized, it empowers people from different backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation. Our aspiration is that everyone experiences this culture with equal opportunity and access, and that all voices are not only heard but also celebrated. We hope you will join our celebration, and we welcome and encourage applicants from all the beautiful dimensions that compose our global village.