Lead Product Security Engineer

5 Months ago • 10 Years + • Cyber Security

Job Summary

Job Description

Lead Product Security Engineer responsible for leading and executing the Secure Software Development Lifecycle (SSDLC) for Cloud Software Group's on-premise and cloud products. This involves providing security guidance to product development teams, conducting manual source code reviews (C and C++), crash exploitability analysis, penetration testing, and identifying opportunities to prevent security problems at scale. The role requires expertise in Unix systems, networking, cryptography, and strong C/C++ skills. Responsibilities include design review, threat modeling, vulnerability identification, and root cause analysis. Experience writing exploits is a plus.
Must have:
  • 10+ years software security experience
  • Expert in Unix System, Network, or Cryptography
  • Strong C, C++ skills and Linux knowledge
  • Experience in Threat Modelling, Source Code Review, Penetration Testing
  • OWASP Top 10 vulnerability remediation
  • Root cause analysis and exploit writing
Good to have:
  • OSCP, OSCE, GPEN, CRTP certifications
  • Crash Exploitability Analysis using gdb
  • Fuzzing using AFL, Peach
  • Reverse Engineering

Job Details

About the job

About This Team

YOU as a Lead Product Security Engineer will have the opportunity to collaborate with the brightest engineering minds and work on innovative product security areas.

Job Description

You are/have worked on Threat Modelling, Source Code Review, Penetration Testing and performing security analysis on existing or new products. Provide security guidance and input to product engineers. You have worked on problems of varied scope independently and able to drive strategy for Product Security in the limited scope of work and provide general guidance and/or direction on routine work to achieve overall program performance, schedule, and quality standards

Position Overview

Lead Product Security Engineer is responsible for leading and executing the Security Development Lifecycle (SDL) for Cloud Software Group On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness and drive and execute SDL best practices

Duties and Responsibilities

  • You will be responsible for leading and executing the Secure Software Development Lifecycle (SSDLC) for Cloud Software Group On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness.
  • You will provide guidance to product development teams on design changes as per security requirements.
  • Manual Source Code Review primarily C and C++ programming languages
  • Crash Exploitability Analysis - Analyze Crashes to Find Security Vulnerabilities using tools such as gdb (Good to have)
  • Execute the penetration tests internally to identify security vulnerabilities
  • Identify opportunities to prevent security problems at scale, Develop prototypes to prevent these security problems.

Basic Qualifications

  • 10+ years of experience in a software security role such as blue team
  • You have a Full-time degree in Engineering (Preferably Computer Science related)
  • You are an expert in at least one of these areas in security – Unix System, Network, Cryptography
  • Strong C, C++ skills , Linux - Linux knowledge (low level preferred).
  • Good knowledge of Networking (TCP/IP) and other protocols like HTTP/S, DNS, et.al.
  • Basic understanding of File system concepts.
  • Experience with object-oriented design concepts.
  • Debugging Skills like GDB, core dump analysis and understanding Makefile concepts.
  • Extensive knowledge of common vulnerabilities - able to explain and remediate the OWASP Top 10 vulnerabilities across multiple programming languages
  • Reverse Engineering (Good to have)
  • Fuzzing using tools such as AFL, Peach (Good to have)
  • Deep understanding of application architecture and design principles
  • Experience in design review and threat modelling activities
  • You are capable of writing exploits for vulnerabilities identified in those respective areas.
  • Have excellent capabilities to identify security vulnerabilities and perform root cause analysis.
  • Good to have certifications such as OSCP, OSCE, GPEN, CRTP etc.

About Us:

Citrix and TIBCO recently merged to create Cloud Software Group, now one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value diverse lived experiences, passion for technology, and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.

Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.

If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at (800) 424-8749 or email us at AskHR@cloud.com for assistance.

Similar Jobs

Google - Staff Research Scientist, Modeling of Two-Qubit Gates and Tunable Couplers

Google

Goleta, California, United States (On-Site)
1 Week ago
PlayStation Global - Staff HRIS Analyst-Recruiting and HCM

PlayStation Global

Carlsbad, California, United States (On-Site)
1 Month ago
Company3 Method Studios - Senior Systems Engineer (Avid)

Company3 Method Studios

New York, New York, United States (On-Site)
1 Month ago
The Walt Disney Company - Ride Control Hardware Engineer

The Walt Disney Company

Glendale, California, United States (On-Site)
2 Days ago
Meta - Product Design Engineer, Reality Labs

Meta

Redmond, Washington, United States (On-Site)
5 Months ago
Notion - Application Security Engineer

Notion

San Francisco, California, United States (On-Site)
6 Months ago
ByteDance - Senior Research Scientist, Data Management and Security - Infrastructure System Lab

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
PwC - ETIC, Cybersecurity Graduate Program (German Speaker)

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
6 Months ago
Trend Micro - (Sr.) Cloud Developer (Vision One)

Trend Micro

Taipei City, Taiwan (On-Site)
7 Months ago
Ubisoft - Security Analyst

Ubisoft

Montreal, Quebec, Canada (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Amanotes - Senior Game Designer - Magic Tiles 3 (Hybrid) (Base in HCMC)

Amanotes

Ho Chi Minh City, Ho Chi Minh City, Vietnam (Hybrid)
8 Months ago
Enverus - Senior Software Engineer

Enverus

Bengaluru, Karnataka, India (On-Site)
20 Hours ago
Evolution - UI/UX Designer

Evolution

Warsaw, Masovian Voivodeship, Poland (Hybrid)
3 Months ago
Blind Squirrel Games - Technical Director

Blind Squirrel Games

Auckland, Auckland, New Zealand (On-Site)
4 Months ago
Epic Games - Lead Gameplay Programmer

Epic Games

(On-Site)
3 Months ago
DEVOTEAM - IT Traineeship - API & Integration (Dutch speaking)

DEVOTEAM

Amsterdam, North Holland, Netherlands (On-Site)
6 Months ago
Token Metrics - Graphic Designer (Remote)

Token Metrics

Budapest, Hungary (Remote)
6 Months ago
Aerospike - Senior Software Engineer, Cloud

Aerospike

(Remote)
18 Hours ago
PwC - D365 Manufacturing/Production

PwC

Bengaluru, Karnataka, India (On-Site)
7 Months ago
Maxis Studios - Full Stack Software Engineer - Web Applications

Maxis Studios

Vancouver, British Columbia, Canada (On-Site)
1 Week ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Enverus - Staff Accountant

Enverus

Bengaluru, Karnataka, India (On-Site)
20 Hours ago
P99 soft - 3D Animator

P99 soft

Pune, Maharashtra, India (On-Site)
18 Hours ago
Rivos - CPU Design Verification - Full-time

Rivos

Bengaluru, Karnataka, India (Hybrid)
6 Months ago
Scanline VFX - Bidding Manager

Scanline VFX

Mumbai, Maharashtra, India (Hybrid)
6 Months ago
Capgemini - Order To Cash

Capgemini

Bengaluru, Karnataka, India (On-Site)
2 Days ago
PwC - IN-Manager_ Finance Transformation_FE_Advisory_Mumbai

PwC

Mumbai, Maharashtra, India (On-Site)
7 Months ago
PwC - IN_Senior Associate_Tableau Developer_Data & Analytics_Advisory_PAN India

PwC

Gurugram, Haryana, India (On-Site)
6 Months ago
NVIDIA - Senior Mask Designer

NVIDIA

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Adtran - Software Engineer

Adtran

Hyderabad, Telangana, India (On-Site)
7 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ION - Markets Governance, Risk and Controls Manager

ION

India (On-Site)
6 Months ago
Microsoft - Senior Software Engineer

Microsoft

Redmond, Washington, United States (On-Site)
1 Week ago
PwC - Assurance Technology Risk & Quality Manager

PwC

Dublin, County Dublin, Ireland (On-Site)
6 Months ago
Google - Customer Engineer, Security, Google Cloud

Google

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
PwC - IN-Senior Associate_SmartCitiesGIS _Cities_Advisory _Ahmedabad/Mumbai/Delhi

PwC

Ahmedabad, Gujarat, India (On-Site)
4 Months ago
Google - Security Consultant

Google

London, England, United Kingdom (On-Site)
2 Weeks ago
PwC - IN-Senior Associate__SAP GRC_ITRA_Advisory_  Gurgaon/Mumbai/Bangalore

PwC

Gurugram, Haryana, India (On-Site)
6 Months ago
The Walt Disney Company - Security Training & Development Manager

The Walt Disney Company

Celebration, Florida, United States (On-Site)
2 Days ago
Zeta - Engineering Manager - Cloud Security (DevSecOps)

Zeta

Bengaluru, Karnataka, India (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded