Senior Software Engineer - Product Security

Location US-Remote
Posting date 2 weeks ago(2/7/2018 6:29 AM)
Job ID
Software Engineering

Company description

At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an open source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.

Job summary

The Red Hat Product Security team is looking for a Senior Software Engineer to join us. In this role, you will process tasks assigned to the Red Hat Enterprise Linux (RHEL) solutions and fully analyze and escalate flaws. You'll perform analysis and work with fellow Red Hat engineers on various security tasks for our solutions to ensure Red Hat continues to protect customers from meaningful security concerns. Successful applicants must reside in a state where Red Hat is registered to do business.

Primary job responsibilities

  • Provide detailed analysis of security issues
  • Perform code and application auditing of various Red Hat Enterprise Linux (RHEL) components
  • Prioritize tasks to ensure that serious vulnerabilities get immediate attention
  • Communicate flaw information with our software developers, managers, quality engineers, upstream project developers, and peers on vendor security response teams
  • Document vulnerabilities, flaws, mitigation, and their fixes through the entire update release life cycle in the team's knowledge base
  • Ensure proper documentation of the flaws with as much technical data as possible
  • Ensure proper reference and other data as used by Common Vulnerabilities and Exposures (CVE) pages
  • Coordinate with upstream communities and vendors for embargoed bugs, their patches, and common release dates
  • Understand current and emerging threats in the enterprise solutions space

Required skills

  • Proficiency in software development processes; 5+ years of experience in a release engineering, quality assurance, operations, or development environment
  • 5+ years of experience developing applications in C or C++; equivalent experience with languages like Python, Java, Ruby, or Go will also be considered
  • Excellent understanding of security technologies; experience in reverse engineering and security research is a plus
  • Experience with debugging and analysis using tools like GDB, Valgrind, strace, and other programming or system-level debuggers
  • Linux operating system knowledge; Linux system administration experience is a plus Outstanding collaboration, communication, facilitation, and partnering skills; ability to directly interact with globally-distributed stakeholders from diverse cultural backgrounds
  • Outstanding written and verbal communication skills in English
  • Bachelor's degree in computer science, computer engineering, or a technology-related discipline; relevant work experience will also be considered
  • Familiarity with Red Hat's solutions portfolio and experience with RPM-based Linux and Java technologies; knowledge of DevOps, cloud, Platform-as-a-Service (PaaS), Infrastructure-as-a-service (IaaS), and emerging enterprise IT technologies is a plus
  • Open source software development experience and interest in community development
  • Experience and skills with secure coding and auditing is a plus
  • Experience with or knowledge of IDA Pro or equivalent disassembly tools is a plus

Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, uniformed services, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.

Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.


Interested in this job?

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed