O pozici
Red Hat Product Security is looking for a Senior Product Security Engineer to join us in our globally distributed team. Red Hat’s Incident Response Team responds to threats in a predictable manner that reduces risk to Red Hat portfolio and customers. We do this by identifying, triaging & mitigating all high impact vulnerabilities that impact our Products and Services offerings, and then orchestrating our response, by coordinating with the stakeholders.
Co budeš dělat
- Respond to security vulnerabilities and incidents within the Red Hat portfolio of Products and Services.
- Coordinate the triage, remediation, and mitigation for high impact vulnerabilities affecting Red Hat offerings
- Coordinate with key stakeholders internally and externally, as appropriate, ensuring an effective management of the vulnerabilities and the security incidents
- Work with developers to improve the software development life cycle resulting in more secure Red Hat Products and Services
- Contribute to customer facing security documentation, reference, and other data as used by the Common Vulnerabilities and Exposures (CVE) pages.
- Research the impact of new flaws affecting Red Hat's offerings and communicate risk to stakeholders with different technical understanding, like senior leadership, engineers, architects, etc.
- Manage our vulnerability response work process without SLA misses
Koho hledáme
- Strong knowledge and understanding of the Linux Operating System, kubernetes, and container platforms
- Keen interest in security technologies and methodologies like authentication and authorization, encryption, and risk assessments
- Experience in an assessing impact of security vulnerabilities including the confidentiality, integrity, and availability triade
- Experience with and skills in flaw analysis, e.g., building a reproducer which demonstrates a software bug exists
- Excellent organizational skills
- Ability to work on your own in a fast-paced environment with a multicultural team distributed across multiple countries and time zones
- Outstanding written and verbal communication skills in English
Benefity
- The following are considered are plus: Knowledge of the Getting Things Done (GTD) productivity system
- Familiarity with open source software development
