At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an open source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.
The Red Hat Customer Experience and Engagement (CEE) team is looking for a Product Security Engineer to join us in Westford, MA. In this role, you will work as part of the Red Hat Product Security team to help protect our customers from security risks when using our software. You’ll help us protect customers and communities from digital security threats and provide quality information needed to mitigate risk and privacy concerns. You’ll need to be passionate about open source, security, and risk management. Using open source principles every day, you will work with various security issues across the Red Hat portfolio of offerings and solutions. You’ll perform security analysis on vulnerabilities in Red Hat Enterprise Linux (RHEL) solutions and supported applications, understanding risk within traditional datacenter, cloud, and container environments, and escalate them as appropriate. As a Product Security Engineer, you’ll need to be able to think fast to analyze complex problems and you’ll be called upon to exercise judgement to prioritize issues that warrant immediate attention. You’ll work with fellow Red Hat engineers and security analysts to help protect customers from these security threats. You will also perform various audit reviews on software that is included in Red Hat’s offerings.
Primary job responsibilities
Be ready to rapidly respond to and provide quality in-depth analysis of security issues
Perform code and application auditing of various Red Hat Enterprise Linux (RHEL) components and web applications
Properly prioritize tasks to ensure that serious vulnerabilities get immediate attention
Communicate quickly and efficiently with various internal stakeholders about security vulnerabilities
Write proper technical documentation on vulnerabilities, including mitigations and their fixes, in a clear and easy-to-understand manner
Coordinate effectively with upstream communities and vendors for embargoed bugs, their patches, and coordinated release dates
Understand current and emerging threats in the enterprise product space
Solid understanding of current software security technologies
Debugging and analysis experience using GDB, Valgrind, strace, and other programming-level or system-level debuggers
Programming experience with C or C++; proficiency in multiple languages, including Python, Java, Ruby, or Go
Experience and proficiency with Linux operating systems
Understanding of modern container technologies
Ability to work in a fast-paced environment with diverse teams distributed across the globe
Bachelor's degree in computer science or equivalent work experience
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, uniformed services, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.