Job summary
The Red Hat Products and Technologies Customer Experience and Operations (PnT CXnO) team is looking for an experienced Senior Product Security Engineer to join the Red Hat Product Security Incident Response Team (PSIRT) in Raleigh, NC, or remotely in the U.S. In this role, you will perform analysis and collaborate with other Red Hat engineers to ensure Red Hat continues to protect customers from meaningful security concerns. You will process tasks assigned to Red Hat Management products, like Red Hat Ansible Automation Platform, to fully analyze, assess risks, and track resolutions. You'll help us reduce the risk to customers using our offerings by constantly monitoring for vulnerabilities and threats, triaging their impact on our customers, and addressing those that matter the most quickly. You'll handle and prevent security vulnerabilities in Red Hat's offerings and services. As a Senior Product Security Engineer, you'll represent the security needs of users within emerging technologies, processes and offerings, and advocating and planning for a solid foundation of security within these efforts.
Primary job responsibilities

• Provide detailed analysis of security issues
• Efficiently prioritize tasks to ensure that critical vulnerabilities get immediate attention
• Communicate flaw information with our software developers, managers, quality engineers, upstream project developers, and peers on vendor security response teams
• Document vulnerabilities, flaws, mitigation, and their fixes through the entire update release life cycle in the team's knowledge base
• Ensure proper customer facing documentation, reference, and other data as used by the common vulnerabilities and exposures (CVE) pages
• Coordinate with upstream communities and vendors for embargoed bugs, their patches, and common release dates
• Understand current and emerging threats in the enterprise product space
• Engage with engineering teams to promote security aware development of Red Hat technologies and solutions
• Promote Red Hat Product Security efforts within the community and greater public

Required skills

• Bachelor's degree in computer science, engineering, or equivalent work experience
• Solid knowledge and experience of Linux system administration
• Good understanding of Linux security technologies and product security experience
• Proficiency in programming languages like Python, JavaScript, and Node.js
• Relevant work experience with configuration management or automation tools like Ansible, Satellite
• Excellent understanding of common security vulnerabilities, (e.g., OWASP top ten) including how to detect, demonstrate, mitigate, and resolve them
• Deep understanding of modern container technologies: Kubernetes, OpenShift; deep knowledge in docker or Linux containers
• Ability to work, with minimum supervision, in a fast-paced environment with a multicultural team distributed across multiple countries and time zones
• Solid communication and negotiation skills; excellent collaboration skills and dedication as a teammate

The following will be considered a plus:

• Red Hat or Linux specific certifications like Red Hat Certified System Administrator (RHCSA), Red Hat Certified Engineer (RHCE), Red Hat Certified Architect (RHCA), etc.
• Experience with languages like Go, Java and Ruby, and the ability to learn new ones
• Familiarity with open source software and open source as a business model
• Relevant work experience with cloud technologies like AWS, Azure, etc.
• Domain competence of continuous integration (CI) and continuous delivery (CD) processes, software life cycle release processes and its tools

About Red Hat
Red Hat is the world's leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Benefits

• Comprehensive medical, dental, and vision coverage
• Flexible Spending Account - healthcare and dependent care
• Health Savings Account - high deductible medical plan
• Retirement 401(k) with employer match
• Paid time off and holidays
• Paid parental leave plans for all new parents
• Leave benefits including disability, paid family medical leave, and paid military leave
• Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!

Note: These benefits are only applicable to full time, permanent associates at Red Hat located in the United States.
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.