Sr. Security Engineer - Vulnerability Management
at HashiCorp
Remote, Scotland, United Kingdom -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 30 Aug, 2024 | Not Specified | 30 May, 2024 | 4 year(s) or above | Iaas,Google Cloud Platform,Aws,Vulnerability Management,Security Audits,Amazon Web Services,Integration,Microsoft Azure,Ecosystem,Threat Modeling | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
YOU MAY BE A GOOD FIT IF YOU HAVE KNOWLEDGE AND EXPERIENCE AROUND:
- Secure development practices, and integration into broader engineering activities.
- Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
- Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS).
- Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP).
- Security design / architecture and threat modeling.
- Application and infrastructure security testing methodologies and tools.
- Vulnerabilities (old and new), and options for defense / mitigation.
- Product vulnerability management lifecycle.
- Security audits, penetration tests, and/or bug bounty programs.
- Cryptography and cryptographic libraries.
- Secure operations practices, specifically wrt. cloud environments.
LI-AZ1
Responsibilities:
ABOUT THE ROLE
We are looking for a Product Security Engineer specializing in Vulnerability Management to join our product security function. You will play a crucial role in building and extending existing tooling and processes to address vulnerabilities across multiple projects. Security at HashiCorp is largely a remote team. While prior experience working remotely isn’t required, we are looking for team members who perform well given a high level of independence and autonomy.
IN THIS ROLE, YOUR RESPONSIBILITIES WILL INCLUDE:
- Contribute to the development of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc.
- Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio.
- Work across various R&D teams to prioritize security features and bugs, and ensure implementation and mitigations.
- Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk.
- Act as SME on multiple information security areas (e.g. security architecture, application security, threat modeling etc.)
- Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp’s products, services, and associated cloud infrastructure.
- Assist in execution of 3rd-party audits, penetration tests, and bug bounty programs.
- Research emerging attack vectors and techniques.
We are looking for talented self-starters with 4+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!
REQUIREMENT SUMMARY
Min:4.0Max:9.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Remote, United Kingdom