About the jobRed Hat Product Security is looking for a Product Security Engineer to join our global Vulnerability Management Team. Red Hat's Vulnerability Management Team responds to threats in a predictable manner that reduces risk to Red Hat portfolio and customers. We do this by identifying, assessing & mitigating all potential vulnerabilities that impact our Products and Services portfolio, and then orchestrate our response, by coordinating with the stakeholders. In this role, you will work closely with the Vulnerability Remediation Engineers, Security Architects, Product Managers and Developers and a few customers of Red Hat, performing risk assessment of the vulnerabilities affecting Red Hat portfolio, and crafting the vulnerability metadata supporting our key stakeholders.
What you will doRespond to security vulnerabilities, weaknesses and incidents, within the Red Hat portfolio of Products and Services.Contribute to customer facing security documentation, reference, and other data as used by the Common Vulnerabilities and Exposures (CVE) pages.Research the impact of new flaws affecting Red Hat's offerings and communicate risk to stakeholders with different technical understanding, like senior leadership, engineers, architects, etc.Coordinate with key stakeholders internally and externally, as appropriate, ensuring an effective management of the vulnerabilities and the security incidentsContribute in the industry coordination working groups to shape the industry wide vulnerability disclosure and coordination standards as well as to adopt and implement those standards within the organization#LI-REMOTE
#LI-AM4
What you will bringExperienced knowledge and understanding of Linux Operating SystemProficiency in common programming languages like C/C++, Python, Java, GoFamiliarity with Source Code Management tools like GitStrong understanding of security vulnerabilities including the confidentiality, integrity, and availability triadSignificant experience in security technologies and methodologies like authentication and authorization, encryption, and risk assessmentsAbility to work on your own in a fast-paced environment with a multicultural team distributed across multiple countries and time zonesGood written and verbal communication skills in EnglishThe following are considered are plus:
Knowledge and experience with modern container technologies: Kubernetes, Openshift; comfortable with LinuxFamiliarity with open source software and open source as a business modelPrevious experience on a vulnerability management or incident response team
#J-18808-Ljbffr