Senior Principal Security Engineer




Santa Clara, CA


What you’ll achieve,p>

As a Senior Principal Security Engineer, you will be responsible for overall security of products. For every project, developing Security strategy, test plan, test execution for Security, reporting and process improvement. Analyze customer found issues and recommend improvement plans and work on Customer escalation, for product security office CVE (Common Vulnerabilities and Exposures)updates on the product line.

You will:

  • Review product feature’s architecture and functional specifications and identify security gaps
  • Find security vulnerabilities early in release cycle and develop technical solutions and recommend new security tools to help mitigate security vulnerabilities and automate repeatable tasks
  • Provide solutions to a variety of problems of moderate scope and complexity and use tools appropriately with technical guidance and complete tasks and assignments under normal supervision
  • Be responsible for threat modeling, STIG/ SRG (Security Technical Implementation Guide / Security Requirements Guide)and CVE/CVSS (Common Vulnerabilities and Exposures / Common Vulnerability Scoring System)
  • Manage certifying product for FIPS (Federal Information Processing Standards), Common criteria, Crypto library, Governance, as well as, score card analysis

Please see complete job description online.


Essential Requirements

  • 12-15 years of professional Security Software Engineering experience with a Bachelor's degree or equivalent experience
  • Experience in system security engineer or information security engineering, Working experience in security domain and mastery of tools for scanning
  • Solid understanding and experience in Storage, Filesystem, Data protection and/or Backup & Recovery software security
  • Recent hands on experience with scanning tools like Burp suite, Nessus Qualys, Malware, Rootkit, Web-scan, Black-duck, twistlock running on all virtual environments
  • Advanced automation experience in Python & necessary libraries to be able to automate, run scans, analyze results, and recommend priority/severity/impact and reduce manual and repeat work to near zero

Desirable Requirements

  • Experience working with Kubernetes & Microservices is a plus
  • Technical Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Information Systems Security Architecture Professional or Information Systems Security Engineering Professional (ISSEP)


How to Apply:

Apply online




Return to list of jobs.