Product Security Engineer, Programs Team
Hashicorp
Full-time
Remote
In this role, your responsibilities will include:
Primarily, contribute to the development of security solutions across the product life-cycle, such as standalone security tools, “shift left” CI/CD pipeline components, security solution integrations, product security features/fixes, etc. You will be working on tooling to support other Product Security team members and the HashiCorp R&D organization more broadly.
Secondarily, support other Product Security teams in efforts to monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk. Identity and explore opportunities to strengthen these efforts with tooling / automation.
Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio.
We are looking for talented self-starters with 4+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!
You may be a good fit if you have knowledge and experience around:
Secure development practices, and integration into broader engineering activities.
Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS).
Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP).
Security design / architecture and threat modeling.
Product vulnerability management lifecycle.
Cryptography and cryptographic libraries.
Secure operations practices, specifically with respect to cloud environments.
Primarily, contribute to the development of security solutions across the product life-cycle, such as standalone security tools, “shift left” CI/CD pipeline components, security solution integrations, product security features/fixes, etc. You will be working on tooling to support other Product Security team members and the HashiCorp R&D organization more broadly.
Secondarily, support other Product Security teams in efforts to monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk. Identity and explore opportunities to strengthen these efforts with tooling / automation.
Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio.
We are looking for talented self-starters with 4+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!
You may be a good fit if you have knowledge and experience around:
Secure development practices, and integration into broader engineering activities.
Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS).
Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP).
Security design / architecture and threat modeling.
Product vulnerability management lifecycle.
Cryptography and cryptographic libraries.
Secure operations practices, specifically with respect to cloud environments.