Located either in Boulder, CO; Boston, MA; or Remote in USA.
Why Carbon Black?
At Carbon Black, you’ll have the chance to make an impact in the ever-evolving cybersecurity space. Our advanced technology tackles even the toughest challenges and stays ahead of the latest threats. If you want to join an agile company that’s building bleeding edge technology in the cloud, Carbon Black is the place for you. Driven by passionate people who are dedicated to making the world safer, it’s no wonder we’ve been named a “Top Place to Work” by the Boston Globe for four consecutive years. Join us!
Why You Matter:
Our Product Security team will coordinate our security efforts across our product, engineering and operations departments. This is an opportunity to join a security team that is supported by a strong internal security community. You will help to build an even more secure security product by which we build trust with our customers and deliver superior protection of their endpoints.
As a Product Security Engineer, you will work with the engineering and operations teams to:
- collaborate across the organization to help solve more complex security problems
- evolve our Secure Development Lifecycle
- evolve standards for securing build processes
- evolve third party library management processes
- assist with managing our bug bounty program
- assist in planning for and participating in incident response as required
- collaborate with product teams to address application security questions and issues
- research security vulnerabilities in current architecture and communicate mitigation strategies to impacted teams
- clearly communicate the security plan – including the risks and controls in place for key stakeholders
- communicate with customers on our security posture, both on calls and with the RFP team
- support the rest of the Engineering Security team in continuous improvement of the overall Engineering Security program
What You’ll Bring:
- BS in Computer Science or equivalent work experience
- 3+ years providing security support for SaaS/SaaS-like cloud systems required
- Experience with platforms used to provide security services in SaaS environments for configuration management, authentication, automation and validation
- Understanding of code level scanning tools
- Strong communication skills preferred
- Nice to haves
- Understanding of kernel level applications
- Experience building and automating security testing
- Understanding of compliance frameworks (SOC, NIST, etc)