Red hat Principal Product Security Engineer 

Poland 

284354852

In this role you will be responsible for an overall technical relationship and security strategy between the customer (internal and external) and the Secure Flow software engineering organization. You will lead the architectural design reviews of security solutions that are developed together with the key stakeholders, especially product architects and customers. A focus will be on developing and socializing new proof of concepts to meet new security and customer requirements and help keep the organization at the forefront of Red Hat security related efforts.

What will you do

• Guide regulatory compliance for Secure Flow products.

• Identify and Combat security threats and create risk prevention measures as needed.

• Share expertise in programming, research, and policy development.

• Collaborate with the PSIRT teams and other security professionals.

• Improve existing programs and integrate new security protocols into existing software applications.

• Attend conferences and present Red Hat Secure Supply Chain offerings.

• Meet with Customers and present Red Hat Secure Supply Chain offerings.

• Apply computer and cybersecurity methods, and penetration testing to identify threats

What will you bring

• Confident operating independently as the role is remote from the manager and team

• Leadership level experience in vulnerability management process

• Knowledge of commonly used security best practices and standards, like:NIST Secure Software Development Framework (SSDF),CVE, CWE, CVSS, Supply Chain or CSAF/VEX

• Extensive experience conducting vulnerability scans and recognizing vulnerabilities in security systems

• Demonstrated experience applying cybersecurity and privacy principles to organizational requirements.

• Excellent communication skills using written, presentation, and video conferencing mediums.

• Expert at identifying systemic security issues.

• Experienced in mentoring and educating Information Security professionals.

• Experienced delivering outcomes by organizing the actions of collaborating partners.

• Experience in cloud solutions.

• Experience speaking to large crowds – as in conferences etc

• Position will require some semi-regular travel (To Red Hat offices, customer sites and/or conferences as needed) 20%

The following are considered a plus:

• Risk management or operational experience using Red Hat products: Red Hat Enterprise Linux, Openshift, OpenStack, Ansible

• Experience with tools and teams in CI/CD workflows

• Demonstrated experience with security controls and security metadata management and enhancement

• Presence in the upstream and external community