Being the cybersecurity partner of choice, protecting our digital way of life.
Your Career
As the Principal Product Security Engineer on the Infosec Product Security team, you will be responsible for building security into all Palo Alto Networks products end-to-end. You’ll have the opportunity to work as a key member in a deep and savvy security team and lead the company's product security initiatives end-to-end. Furthermore, you will be technically hands-on, lead security engineering and innovations, where you will be expected to directly communicate with cross-functional teams in Product Management, Development, and DevOps/SRE to drive security throughout the entire product.
Your Impact
- Build next gen Appsec technologies with automation into complex engineering CI/CD pipelines
- Protect application security throughout the life-cycle in the cloud (GCP & AWS) and on the premise
- Build risk driven intelligent automation to optimize SAST, SCA, OSS, DAST, Infra as Code (IaC), RASP integrations with advanced tooling integration
- Evangelize and lead the adoption of SDLC and security best practices across the entire application lifecycle - You’re someone that possesses strong knowledge of security from infrastructure through application and wants to help people apply it.
- Define and implement security tooling with the goal of improving coverage and time to action
- Participate in the design and implementation of secure software development processes, including secure coding practices, security testing, and vulnerability management
- Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance
Your Experience
- 6+ years of hands-on experience in cybersecurity in general, with 4+ years experiences in application security, pen test, security benchmarks, and automation
- Security tooling and best practices, such as pre-commit/pre-receive hooks, dependency scanning, SAST, IAST, OSS, DAST, RASP, and vulnerability management, etc.
- Experienced on Security tools benchmarking and fine tuning
- Perform code reviews, static code analysis, and security testing to identify and remediate vulnerabilities in our software products
- Familiarity with industry security standards and best practices (e.g., OWASP, NIST, ISO)
- Integration, design, and architecture of AWS and/or GCP services into IAM platforms
- Microservice architecture expertise and best practices in securing APIs across multi-cloud environments
- Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business
Education
- Bachelor's degree from four-year college or university or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc. or equivalent military experience required
Compensation Disclosure
The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/com-missioned roles) is expected to be between $157,800/yr to $255,200/yr. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .
All your information will be kept confidential according to EEO guidelines.