• Product Security Engineer

    Location AU-Remote
    Posting date 3 weeks ago(1/29/2019 6:04 AM)
    Job ID
    Software Engineering
  • Company Description

    At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an open source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.

    Job summary

    The Red Hat Customer Experience and Engagement (CEE) team is looking for an experienced Senior Product Security Engineer to join the Red Hat Product Security team in Australia. In this role, you will work as part of a company that has an unrivalled security record when it comes to addressing security flaws in our offerings. You’ll help us reduce the risk to customers using our offerings by constantly monitoring for vulnerabilities and threats, triaging their impact on our customers, and addressing those that matter the most quickly. You’ll handle and prevent security vulnerabilities in Red Hat’s offerings and services for ten countries. You’ll represent the security needs of users within emerging technologies, processes, and offerings, advocating and planning for a solid foundation of security within these efforts. As a Senior Product Security Engineer, you will work with web and application server technologies including Apache HTTP Server and Apache Tomcat, which are incorporated in several middleware offerings and deployed in Red Hat OpenShift. You’ll focus on working with the internal and upstream communities on security and associated functionality. You’ll collaborate with other teams and within Red Hat and the community at large.

    Primary job responsibilities

    • Work with upstream security to align and coordinate the Red Hat Product Security response
    • Promote Red Hat Product Security efforts within the community and greater public
    • Assist members of the PST as a SME with web and application server technologies like Apache Tomcat, Apache HTTP Server, Jetty, Undertow, or Spring Boot, including Red Hat OpenShift deployments to help the team respond to high priority security issues
    • Coordinate with the Red Hat Web Server and Core Services teams to promote enhancement, integration, and assessment of security and associated functionality
    • Contribute to upstream technologies in areas related to security and associated functionality
    • Coordinate with the JSON Web Signature (JWS) team to assist and prioritize security research and contributions to code and testing
    • Contribute to technical documentation, policies and guidelines of security topics
    • Design and advocate for security related procedures, guidelines, and policies, ensuring a stable offering
    • Maintain a community presence advocating Red Hat security at Apache and web-related conferences
    • Produce training and presentations in related subject areas

    Required skills

    • Degree in computer science or equivalent relevant work experience
    • Solid proficiency in programming in C, Python, Ruby, JavaScript, and Go, with particular emphasis on Java and emerging JVM languages like Scala
    • Deep understanding of modern container technologies
    • Focus on web development specifications and technologies like JEE, Servlet 4, or Spring
    • Broad understanding of modern security in cloud-based processes and development
    • Proficient in architecting software, software processes, and policy with a focus on security
    • Knowledge of the Linux operating system
    • Solid collaboration and negotiation skills
    • Ability to work with minimum supervision

    Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, uniformed services, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.

    Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed