Carbon Black: Senior Principal Software Engineer - Product Security
201 South Street
Boston, MA 02111



Our Product Security team will coordinate our security efforts across our product, engineering and operations departments. This is an opportunity to join a security team that is supported by a strong internal security community. You will help to build an even more secure security product by which we build trust with our customers and deliver superior protection of their endpoints.

As a Senior Principal Software Engineer, you will work with the engineering and operations teams to:

  • Serve as the Application Security Engineer for Carbon Black products (cloud and on-premises).
  • Engage with various engineering teams across Carbon Black to perform security reviews of the architecture, design, and code throughout the SDLC process.
  • Collaborate with engineering teams to perform threat modeling for the proposed architecture.
  • Perform technical security assessments of existing and new products and work closely with the engineering teams to ensure that findings are addressed by the engineering team.
  • Work with product architects to provide remediation and potential fixes for security issues found from pen tests and static (SAST) and dynamic (DAST) code analysis, and provide recommendations on remediation.
  • Provide technical inputs for security evaluations like SOC 2, GDPR, FIPS, Common Criteria and FedRAMP.
  • Provide remediation recommendations for vulnerabilities in third-party components used within Carbon Black products.
  • Clearly communicate the security plan - including the risks and controls in place for key stakeholders.
  • Apprise senior management on the product security status.
  • Research security vulnerabilities in current architecture and communicate mitigation strategies to impacted teams.

What You'll Bring:

  • BS in Computer Science or equivalent work experience
  • 7+ years as a security architect, providing security support for SaaS/SaaS-like cloud systems
  • Experience with platforms used to provide security services in SaaS environments for configuration management, authentication, automation and validation
  • Understanding of code level scanning tools
  • Strong communication skills preferred
  • Experience with Docker and container security
  • Programming experience as a developer in designing and building cloud, web and SaaS products
  • Knowledge of various security evaluation and compliance frameworks like FIPS, Common Criteria, NIST, SOC 2, GDPR etc.
  • Experience with crypto, code signing, IAM and threat modeling

Nice to haves

  • Understanding of kernel level applications
  • Experience building and automating security testing
  • Coding expertise in Java

Why you should join us

Carbon Black is a leader in endpoint security dedicated to keeping the world safe from cyberattacks. With more than 5,000 customers, including 34 of the Fortune 100, the opportunities here are massive and exciting.

With 1,200+ employees, offices across the world, and the best-of-the-best tools for collaboration from anywhere, now is an ideal time to become part of the CB Team. See where you fit best at

Carbon Black, Inc. is an EEO/AA employer. Carbon Black is an inclusive employer that believes in workplace equality, supports diversity, creates a welcoming environment, and respects the unique qualities each individual brings to the company.