Job Post

Security Engineer

NetBrain Technologies
15 Network Drive
Burlington, MA 01803

Company Summary

 

Founded in 2004, NetBrain is the market leader disrupting the network automation space. Its ground-breaking automation platform leverages the power of dynamic maps to provide CIOs and network teams with end-to-end network visibility while enabling adaptive automation across the organization’s physical, virtual and software-defined networks. Today, over 2,000 of the world’s largest enterprises and managed services providers leverage NetBrain’s platform to automate network documentation, troubleshooting, and change management. 

“NetBrain’s success is due to our people, and over the years, we have been fortunate to attract top talent because of our unique culture and exciting mission to transform the network management industry.” - Lingping Gao, Chairman and Chief Executive Officer of NetBrain

GROW WITH US!

Overview

NetBrain Technologies is seeking a cyber security professional to join our Product Security Team and be a member of the NetBrain Security Event Response Team. As part of this team you will help secure and defend our products from the constantly evolving threat landscape of both the traditional on-premise as well as the cloud based SAAS worlds.

Responsibilities

As a member of the Product Security Team you will:

  • Work with Development and QA to ensure adherence to NetBrain SDLC by providing guidance and implementation, and testing advice, with an emphasis on a shift left philosophy.
  • Promote SDLC adoption, by monitoring SCA, Static Analysis, and Dynamic testing results.
  • Contribute to product security by participating in design and code reviews in security related areas.
  • Work with the security architect to design and implement Secure libraries, like common crypto module, and Safe-C and Safe-J API libraries.
  • Perform security audits of code and collaborate with the Security Architect to perform threat analysis through Threat Modeling and penetration test scenarios.
  • Stay abreast of security development practices, including the research of current and evolving trends.
  • Monitor industry blogs and mailers to stay up to date with the latest emerging threats and remediations.

As a member of the NetBrain Security Event Response Team you will:

  • Manage cases of Customer reported or internally found vulnerabilities, 
    • Determining if our products are vulnerable
    • If so determine proper course of remediation and create a defect tracking case for development.
    • Participate in the crafting of a response to the reporting customer, as well as a general advisory for all NetBrain customers.
    • Coordinate the creation of patches for field release and fixes in current production.
    • Ensure posting of the patches, and the security advisory are synchronized.

Qualifications

  • Bachelors in Computer Science or related field
  • A good working knowledge of tools like BlackDuck, Whitesource, Coverity, SonarQube, AppScan, AppSpider, QualsysGuard, etc.
  • Experience with security concepts, including:
    • Authentication and authorization (including MFA)
    • Current ‘strong’ cryptography algorithms, as well as legacy ‘weak’ crypto algorithms.
    • Secure coding practices and Secure Development Life-Cycle (SDLC)
    • Application security concepts
    • Familiarity with network and web security wire protocols such as TLS, IPSec etc.
    • Operating systems hardening
  • Security-focused design and coding skills
  • Experience advocating for technical security solutions across functional domains
  • 3+ years of industry experience architecting and implementing security features and solutions
  • 5+ years of native code development ( C/C++) or 5+ years of 3GL such as C#, Java, or Python
  • Experience with security engineering solutions

Desirable (non-essential) skills:

  • Ability to design and execute automated penetration testing modules to detect vulnerabilities during build time, coming up with innovative ways to integrate security into the SDLC.
  • Experience working in an ISO 27001 environment.
  • Familiarity with compliance standards such as, PCI DSS, Common Criteria, SOX, HIPPA, FIPS 140-2, FEDRAMP requirements, etc.
  • Experience security testing automation and hardening of applications is very desirable.
  • Exposure to Public Key Infrastructure (PKI) management including AWS KMS, Hashicorp Vault, and Gemalto SafeNet KMS
  • Experience working in a SaaS as well as a traditional Fullstack environment.
  • Recognized security certifications are highly desirable (CISSP, CISA, GIAC, CEH and others)
Category: IT/Systems/Networking
Full-time

See What It's Like To Work Here

NetBrain was founded to deliver end-to-end network visibility to enterprise networks across the globe.

 

More Jobs From This Company

Get unlimited job listings with a BIZZpage