In this role, you will be responsible for validating that our services, products, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of products and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will also help us to secure our cloud products and cloud environment.
You will be able to apply technical expertise and diagnostic skill to the evaluation of security vulnerabilities in combination with experience in security risk management to develop maintainable technical solutions. You will thrive on working with engineers in a dynamic and collaborative development environment where meeting project goals and delivering quality is key. You will work with our security champs, security champ leaders and other security teams to make sure our products are delivered securely.
With the mission of capturing the biggest market share in the area of cyber security, network security, endpoint security, threat research, malware research, cloud security, we work together for a common goal of shaping the company’s future by designing and building the best in class robust and scalable security products for consumer and enterprise customers. As industry top performers, we aim to develop optimized high-performance system software solutions with high availability and reliability.
About the role:
- Provide technical leadership in the comprehensive planning, development, and execution of our product security efforts
- Provide planning and input into the software engineering and product development process, related to security, sensitive to the constraints and needs of the business
- Design, recommend, and implement on security controls and policies for cloud products and Cloud environments
- Providing security best practices for data systems in AWS, Oracle, Azure, and GCP ensuring integrity and confidentiality of sensitive data
- Develops and executes strategies to increase Cloud Security knowledge throughout the enterprise.
- Use programming skills to build and improve security tools and automation platforms
- Develop integrations between various tools and our VM management system
- Improve existing security process by automation and integration
- Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment
- Perform security tasks including (but not limited to) threat modeling, secure code analysis, training, static, dynamic and interactive analysis, fuzz testing, automated and manual security testing
- Deliver security metrics and improvement
- Document security guidance, process and related policy
- Collaborate with security champions and other security teams to deliver security solution
- Champion security in the engineering organization
- Bachelor’s degree in computer science or a technology related filed required
- At least 5 years of working experience in product security or application security
- Experience architecting solutions within Amazon Web Services (AWS), Azure, VMware NSX and implementation of native and third-party cloud workload protection platforms (CWPP) and CASB solutions such as AWS Inspector, CloudWatch, CloudTrail, vArmour, Dome9 Security, Illumio, McAfee Skyhigh, and Symantec Elastica
- Experience with cloud security strategy, cloud provider ecosystems (Amazon AWS/Microsoft Azure) & migrating Enterprise from traditional data center Infrastructure, Application and Data designs to hybrid or fully-cloud enabled practices.
- Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration.
- Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them
- Experience of security engineering, system and network security, authentication and security protocols, cryptography, or application security
- Experience of web services, web applications, mobile applications, applied cryptography, and penetration testing
- A strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Development experience with one of the following languages: Python, Java, Go or Ruby
- Experience with common CI/CD and software deployment automation tools
- Excellent written and verbal communication skills
- Demonstrable teamwork skills and resourcefulness
- Possess self-drive to keep moving things forward even in the face of ambiguity and imperfect knowledge
- Strong sense of ownership, urgency, and drive
- Certificate of AWS (Amazon Web Services) is strongly desired.
Our corporate culture and values are central to McAfee’s philosophy. Every day we embrace a more diverse workforce and inclusive environment. We are encouraged to bring your true selves to work. Our wide range of social communities & programs, flexible work hours and family-friendly benefits, all allow our employees to feel valued as people, while enjoying positive and challenging work. Check out more: Careers & Life at McAfee. Perks include:
- Pension / Retirement Programs
- Medical, Dental and Vision Coverage Programs
- Support for Community Involvement and Programs
Unleash your Power … Join our Talent Network: http://careers.mcafee.com/
McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.