Being the cybersecurity partner of choice, protecting our digital way of life.
Your Career
As the Principal Product Security Engineer on the Infosec Product Security team, you will be responsible for building security into all Palo Alto Networks products end-to-end. You’ll have the opportunity to work as a key member in a deep and savvy security team and lead the company's product security initiatives end-to-end. Furthermore, you will be technically hands-on, lead security engineering and innovations, where you will be expected to directly communicate with cross-functional teams in Product Management, Development, and DevOps/SRE to drive security throughout the entire product.
Your Impact
Build next gen Appsec technologies with automation into complex engineering CI/CD pipelines
Protect application security throughout the life-cycle in the cloud (GCP & AWS) and on the premise
Build risk driven intelligent automation to optimize SAST, SCA, OSS, DAST, Infra as Code (IaC), RASP integrations with advanced tooling integration
Evangelize and lead the adoption of SDLC and security best practices across the entire application lifecycle - You’re someone that possesses strong knowledge of security from infrastructure through application and wants to help people apply it.
Define and implement security tooling with the goal of improving coverage and time to action.
Participate in the design and implementation of secure software development processes, including secure coding practices, security testing, and vulnerability management.
Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance
Your Experience
6+ years of hands-on experience in cybersecurity in general, with 4+ years experiences in application security, pen test, security benchmarks, and automation
Security tooling and best practices, such as pre-commit/pre-receive hooks, dependency scanning, SAST, IAST, OSS, DAST, RASP, and vulnerability management, etc.
Experienced on Security tools benchmarking and fine tuning.
Perform code reviews, static code analysis, and security testing to identify and remediate vulnerabilities in our software products.
Familiarity with industry security standards and best practices (e.g., OWASP, NIST, ISO).
Integration, design, and architecture of AWS and/or GCP services into IAM platforms
Microservice architecture expertise and best practices in securing APIs across multi-cloud environments
Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business
Education
Bachelor's degree from four-year college or university or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc. or equivalent military experience required
All your information will be kept confidential according to EEO guidelines.
