Manager of Security Risk at Grainger overseeing Information Security Risk team and managing security risk programs. Focused on regulatory compliance, leadership, and risk assessment integration.
About the role
- Product Security Engineer on Red Hat's Resilient Development team ensuring the security posture of offerings. Engaging with engineering for secure development practices.
Responsibilities
- Engage with Engineering teams to promote security-aware development of Red Hat technologies/solutions.
- Understand current and emerging threats in the enterprise software product and service space.
- Analyze complex software systems and identify potential weaknesses in their architecture.
- Plan and carry out threat modeling activities, and realistic threat simulations across our offerings.
- Consult with software developers and product teams on improved security architecture.
- Ensure that product roadmaps and new features mitigate risk, adhere to security policies, and provide customers with minimal security risk.
- Contribute to customer-facing security documentation, technical references, and other data as used by the Common Vulnerabilities and Exposures (CVE) pages.
- Promote Red Hat Product Security efforts within the community and the greater public.
Requirements
- Bachelor's degree in computer science/engineering or equivalent/relevant work experience.
- Strong understanding of common security vulnerabilities, (e.g. OWASP Top Ten) including how to detect, demonstrate, mitigate and resolve them.
- Good understanding of Linux security technologies and product security experience; for example: POSIX permissions, ACLs, SELinux; Seccomp, Linux namespaces and cgroups; Linux administrations related to security: secure boot, TPMs, trusted execution environment, Linux boot chain, virtualization, containers and hypervisor security.
- Experience with one or more programming languages like Go, Python, C/C++, and a willingness to learn new ones.
- Knowledge and experience with modern container orchestration systems: Kubernetes, Openshift; comfortable with container technologies.
- Ability to work with minimal supervision, in a fast-paced environment with a multicultural team distributed across multiple countries and time zones.
- Solid communication and negotiation skills.
- Excellent collaboration skills and dedication as a teammate.
Benefits
- Comprehensive medical, dental, and vision coverage
- Flexible Spending Account - healthcare and dependent care
- Health Savings Account - high deductible medical plan
- Retirement 401(k) with employer match
- Paid time off and holidays
- Paid parental leave plans for all new parents
- Leave benefits including disability, paid family medical leave, and paid military leave
- Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
SAP Security GRC Consultant involved in designing and implementing security architectures for Swiss clients. Collaborating with project teams on compliance and security solutions.
Senior Consultant with Wavestone providing SAP Security and IAM solutions in Switzerland. Collaborating on security architectures and supporting clients on SAP security transformations.
Network Security Engineer ensuring secure, highly available enterprise network systems with a focus on collaboration and technical excellence. Involves designing and implementing networking solutions.
Security Manager at Leonardo focusing on cyber compliance and risk management across OT and IT frameworks. Supporting clients in strategic initiatives and infrastructure assessments.
Senior Analyst leading cybersecurity governance initiatives at Elsevier. Developing and maturing governance programs for data protection and risk management across the organization.
Commercial Security Service Sales Executive promoting and selling security services at Johnson Controls. Building relationships and delivering solutions to protect people and property within assigned territories.
Security Incident Responder in a leading IT service company in Germany, responsible for analyzing and responding to IT security incidents while developing technological solutions.
Deputy ISSO leading compliance and security activities for NOAA systems at RCG. Requires active Secret clearance and CISSP certification with 8+ years of experience.
Technical Recruiter hiring for Snap Inc.'s security and machine learning teams. Full life cycle recruiting support for technical talent across Snap's innovations.