Senior Product Security Response Engineer

    • Bangalore, India



Job Description

Are you passionate about Security? Do you enjoy understanding and preventing security bugs? Are you eager to play with the latest technology?

We are too - so we can make our customers more secure. That's why we want the brightest and the best security response engineers to join our VMware Security Response Team. Our mission is to make the cloud safe for our customers and partners.

Our Team

Our goal in the Security Response Center at VMware is to promptly resolve possible vulnerabilities in our software and services providing assurance to our customers and partners worldwide that security is our top priority. Our team is comprised of both Security Response Engineers and Security Response Program Managers that are technically skilled, knowledgeable and passionate about security.

We are currently looking for a security minded individual to join our team and support our efforts to analyse and respond to emergent vulnerabilities involving VMware software and services. The successful candidate will work in a fast paced, challenging and dynamic environment which requires coordination across various stakeholders in VMware to support vulnerability mitigation efforts ranging from the initial investigation to analysis, mitigation, patching and the communications associated with these efforts. We are operating in a world where the threat landscape is constantly changing which requires the successful candidate to possess a willingness to constantly learn whilst working on cutting edge technologies.

Responsibilities

You will join a passionate team of hardworking Security Response Engineers and Program Managers as an equally driven individual in the team. In a typical day...

  • Investigate software vulnerabilities and evaluate risk using industry standard metrics such as CVSSv3 and provide corresponding recommendations based on this evaluation (where applicable).
  • Effectively track and report on remediation efforts.
  • Prioritize and coordinate case-specific response activities which includes driving timely remediation of issues working with development teams across VMware.
  • Regularly deepen knowledge and skills to effectively maintain the security posture of VMware's products and services.
  • Identify and suggest improvements such as automating tasks and identifying metrics to understand trends.
  • Write proof of concepts for developers while investigating the issue reported.
  • Write fuzzers to uncover security issues in a proactive fashion.


Requirements

  • 5+ years of proven expertise as a Security Response Engineer reading, writing and debugging code in either Java, C#, C++ or Golang.
  • You possess a strong ability to analyse code behaviour down to assembly level language.
  • You have a deep understanding of common classes of product security vulnerabilities and attack/ defence methodologies.
  • You have knowledge of the security development lifecycle.
  • You have a deep understanding of at least one of these areas: Web Application Security, System Software internals, Layer 2-4 Networking, and Networking Security.
  • You can communicate clearly and are just as comfortable writing and speaking in person or on a video call to explain just about anything security-related to developers and their managers.
  • You can communicate at all levels of an organization and across diverse cultural and linguistic barriers.
  • You possess the skills to operate effectively under pressure.
  • Experience in handling competing priorities and managing issues as well as defining proactive mitigation strategies.


Preferred
  • Bachelor's degree in Computer Science; Masters is desirable.
  • Your reputation in security is based on significant and tried industry experience.
  • You are savvy in Python or at least another scripting language.
  • You are knowledgeable about the security challenges related to rising technologies such as Docker, Kubernetes, and/or AWS or Azure.
  • Knowledge of IOS and Android security internals.
  • Experience of working with mobile device management products.


We are a diverse organization of creative thinkers, solving global problems with 55 + Patents and counting. We drive efficiency, improve the bottom line and have fun while doing it. Our products and services drive a measurable impact on the business, we do the things that matter. Make a difference in your career - be part of something bigger than all of us - Join the ROCS VMware family

VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.


Back to top