Senior product security engineer

The Senior product security engineer is responsible for leading and executing the Security Development Lifecycle (SDL) for Citrix On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness, as well as drive and execute SDL best practices and its integration with the CI/CD, Agile and Waterfall development models

Duties and Responsibilities

• You will be responsible for leading and executing the Security Development Lifecycle (SDL) for Citrix On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness
• You will lead a team of security engineers for diverse types of product security related projects and workstreams
• You will drive and execute SDL best practices and its integration with the CI/CD, Agile and Waterfall development models
• You will create and deliver advanced security training and guidance to product engineers
• You will guide product development teams on design changes as per security requirements
• You will perform manual code review activities  
• You will communicate technical issues within scope of assignment
• You will drive negotiation in the interest of security.
• You will conduct comprehensive reviews of specific security fixes, as necessary.
• You will conduct product penetration test in a non-disruptive way for IT/Cloud deployments, including exploit creation to demonstrate a proof of concept.
• You will validate the efficacy of defensive mechanisms, as well as the engineering adherence to security policies

Basic Qualifications

• Have at least 6 years of experience in Security Engineering
• You have a Full-time degree in Engineering (Preferably Computer Science related)
• Must have good verbal and written communication skills; ability to communicate optimally and clearly with different stakeholders in engineering teams
• You are an expert in at least three of these areas in security –Web, Network, Cloud, Cryptography
• You are capable of writing exploits for vulnerabilities identified in those respective areas
• Deep understanding of application architecture and design principles
• Experience in design review and threat modelling activities
• Enthusiasm for staying up to date with the latest updates about security threats and solutions
• You have solid understanding of most common software vulnerabilities and standard secure coding practices
• Have excellent capabilities to identify security vulnerabilities and root cause analysis
• Have proficiency in programming language(s) like C++, C#, .NET
• Have experience in analysing security mechanisms of browser and associated extensions
• Have working knowledge wrt different cryptographic schemes including but not limited to key generation , rotation , revocation,etc
• You also have proficiency in windows system Internals
• You have demonstrated understanding of Computer Science fundamentals (OS, Networks).
• Good to have certifications such as OSCP, OSCE, GPEN, CRTP etc
• Working knowledge of AI based tools for conducting security reviews

About Us:

Cloud Software Group is one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value passion for technology and the courage to take risks.  Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.

Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.

If you need a reasonable accommodation due to a disability during any part of the application process,  please email us at [email protected] for assistance.