Infoblox
Product Security Engineer
Infoblox, Jackson, Mississippi, United States,
It is an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, we are leading the way to next-level DDI with our Secure Cloud-Managed Network Services, bringing next-level security, reliability, and automation to cloud and hybrid systems—all managed through a single pane of glass. Our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies—and having fun along the way.We are looking for an Associate Product Security Engineer to join our Product Security team in Bangalore, reporting to the senior manager of Product Security Engineering. Our growing Product Security Engineering team needs talented and experienced engineers to ensure the design of business solutions meets the security and compliance mandates. You will participate in vulnerability and penetration testing and provide security-related feedback on the design & implementation of on-prem and cloud applications. You are constantly innovating to improve the management and vulnerability management and penetration testing procedures, practices, and tooling. Precise reporting of the issues in professional technical and business terms.As the ideal candidate, you are an experienced, highly-motivated Product Security Engineer interested in learning new technologies and staying up-to-date with the cyber threat landscape. You work well in a highly dynamic environment, along with peers and senior security analysts, to research and assess vulnerabilities, threats, and attacks on multi-cloud infrastructure and SaaS products and services.What you’ll do:
Conduct cloud infrastructure and application vulnerability assessment in an agile cloud development environment using open-source and commercial toolsValidate and triage identified vulnerabilities and application security defectsTrack remediation efforts of triaged vulnerabilities to their completionContribute to the development and maintenance of vulnerability management tools and CI/CD integrationsProvide technical documentation to development teams describing vulnerabilities and impactCreate and maintain documentation as it relates to vulnerability management and penetration testing processes, standards, and recommendationsPerform penetration testing of web applications, APIs, thick clients, mobile applications, Onprem, and SaaS services following OWASP methodologiesResearch and develop proof of concepts on publicly available exploits for known/0Day vulnerabilitiesWhat you’ll bring:
4+ years of experience in vulnerability management and penetration testingHands-on experience managing:Vulnerability scanning toolsContainer and dependency (OSS libraries) scanning toolsDocker and KubernetesSecurity administration in AWS and AzureCI/CD and DevOps Tooling (Git, Jenkins, CircleCI)Infrastructure as code tools (Ansible, CloudFormation, Terraform)Experience in agile methodologies with secure software development life-cycle involving SAST & DAST tools (Coverity, CodeQL, SonarQube, Contrast)Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (reverse proxies, WAF), DNS Security, DoH & DoTExperience working with a POSIX system such as Linux or macOSFamiliarity with Shell Scripts, Python or Golang is a major plusGood understanding of cyber security frameworks like OWASP, SANS, NIST, CIS, etc.One or more security certifications CEH, CISA, GSEC, OSCP, CISSP, etc.Excellent verbal and written communication skills with a strong attention to detailMS/M.tech or BE/BS/B.tech in Computer Science or related field, or equivalent work experience requiredWhat success looks like:
In the first six months, you will…Understand the scope of Infoblox products, cloud infrastructure, and SaaS services that require vulnerability assessment and penetration testingReach proficiency with processes and procedures laid out for the team in delivering best-in-class cyber security servicesBuild knowledge and hands-on experience on cutting-edge technologiesUnderstand the team of engineers and the current stateAfter the first year, you will…Be an independent key contributor to the teamParticipate in rotational watchdesk responsibilities as applicableProvide recommendations for security posture improvementsIdentify emerging security threats and trendsWe’ve got you covered:
Our holistic benefits package includes coverage of your health, wealth, and wellness—as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package, including a 401k with company match and generous paid time off to help you balance your life. We have a strong culture and live our values every day—we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers.Why Infoblox?
We’ve created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you’re a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career.#LI-SB1
#J-18808-Ljbffr
Conduct cloud infrastructure and application vulnerability assessment in an agile cloud development environment using open-source and commercial toolsValidate and triage identified vulnerabilities and application security defectsTrack remediation efforts of triaged vulnerabilities to their completionContribute to the development and maintenance of vulnerability management tools and CI/CD integrationsProvide technical documentation to development teams describing vulnerabilities and impactCreate and maintain documentation as it relates to vulnerability management and penetration testing processes, standards, and recommendationsPerform penetration testing of web applications, APIs, thick clients, mobile applications, Onprem, and SaaS services following OWASP methodologiesResearch and develop proof of concepts on publicly available exploits for known/0Day vulnerabilitiesWhat you’ll bring:
4+ years of experience in vulnerability management and penetration testingHands-on experience managing:Vulnerability scanning toolsContainer and dependency (OSS libraries) scanning toolsDocker and KubernetesSecurity administration in AWS and AzureCI/CD and DevOps Tooling (Git, Jenkins, CircleCI)Infrastructure as code tools (Ansible, CloudFormation, Terraform)Experience in agile methodologies with secure software development life-cycle involving SAST & DAST tools (Coverity, CodeQL, SonarQube, Contrast)Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (reverse proxies, WAF), DNS Security, DoH & DoTExperience working with a POSIX system such as Linux or macOSFamiliarity with Shell Scripts, Python or Golang is a major plusGood understanding of cyber security frameworks like OWASP, SANS, NIST, CIS, etc.One or more security certifications CEH, CISA, GSEC, OSCP, CISSP, etc.Excellent verbal and written communication skills with a strong attention to detailMS/M.tech or BE/BS/B.tech in Computer Science or related field, or equivalent work experience requiredWhat success looks like:
In the first six months, you will…Understand the scope of Infoblox products, cloud infrastructure, and SaaS services that require vulnerability assessment and penetration testingReach proficiency with processes and procedures laid out for the team in delivering best-in-class cyber security servicesBuild knowledge and hands-on experience on cutting-edge technologiesUnderstand the team of engineers and the current stateAfter the first year, you will…Be an independent key contributor to the teamParticipate in rotational watchdesk responsibilities as applicableProvide recommendations for security posture improvementsIdentify emerging security threats and trendsWe’ve got you covered:
Our holistic benefits package includes coverage of your health, wealth, and wellness—as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package, including a 401k with company match and generous paid time off to help you balance your life. We have a strong culture and live our values every day—we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers.Why Infoblox?
We’ve created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you’re a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career.#LI-SB1
#J-18808-Ljbffr