Member of Technical Staff (Security Engineering) - Opportunity for Working Remotely Juneau, AK
Member of Technical Staff (Security Engineering) - Opportunity for Working Remotely Juneau, AKVMware
The elevator pitch: Why will you enjoy this new opportunity?
The world is changing fast, and the security engineering space is changing even faster! Corporations, governments, schools, hospitals are in desperate need for digital transformation at a rapid space. VMware is driving this transformation for 350,000 customers (which includes 98% of Fortune 500). You won’t find another company that offers the breadth of innovative technology. Now imagine the opportunity to work on securing the products and services which VMware creates on cutting edge technologies. You would be exposed to the broad technology stack which you can break/ hack into and help secure. This opportunity provides an endless possibility to learn, grow and flourish as a Security Response Engineer.
This Security Response Engineer role is part of the S.C.O.P.E organization, which expands to Security, Compliance, and Privacy Engineering. This organization is responsible for the complete security state of all Products and Service offerings from VMware. This includes Security Architecture, Security Development Lifecycle, Offensive Security and Security Response functions.
As part of this role in the VMware Security Response Center (vSRC), you will be responsible for responding, analyzing, reproducing, validating, and guiding remediation of externally known vulnerabilities. Additionally, Security Response Engineers perform independent proactive research into novel cyber techniques and assess its impact on VMware and its customers. You will maintain the highest quality of work while prioritizing incoming requests, contending priorities, and managing externally reported vulnerabilities. You will work closely with a variety of teams across VMware to achieve our goal of protecting our customers. Also, you will have the opportunity to collaborate with and influence Security Architects, SDL, Offensive security, SOC and Development teams across VMware, and other Security Engineers in the team, who work on various areas such as, virtualization, software-defined networking, cloud security, and Kubernetes.
Success in the Role: What are the performance outcomes over the first 6-12 months that you will work towards completing?
Within 1 month of employment, become competent with VMware’s Product and SaaS offerings and gain a strong understanding of our flagship product, vSphere.
Within 3 months of employment learn the product/SaaS offering which you will support and secure, the technology stack which they use, get accustomed with the code base and recent externally reported vulnerabilities.
Within 6 months of employment, work towards becoming a competent SME for the BU which you support, building relationships with the teams to aid quick turnaround times for verifying and validating external reports.
Within 1 year of employment, work towards handling external report across multiple products and SaaS offerings and drive discussions with various key stakeholders in both SCOPE and across Development teams to drive improvements to the overall security posture of VMware offerings.
The Work: What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
You will join a passionate team of hardworking Security Response Engineers and Program Managers as an equally driven individual in the team. In a typical day...
Investigate software vulnerabilities and evaluate risk using industry standard metrics such as CVSSv3 and provide corresponding recommendations based on this evaluation (where applicable).
Read and write code in the following languages: C/C++, Java, Ruby.
Effectively track and report on remediation efforts.
Prioritize and coordinate case-specific response activities which includes driving timely remediation of issues working with development teams across VMware.
Regularly deepen knowledge and skills to effectively maintain the security posture of VMware’s products and services.
Identify and suggest improvements such as automating tasks and identifying metrics to understand trends.
Write proof of concepts for developers while investigating the issue reported.
Write fuzzers to uncover security issues in a proactive fashion.
Create detection signatures for the VMware SOC.
Collaborate with Security Architects, SDL and Offensive Security to identify and support improving the security posture of VMware Products and Services.
Mentor junior Security Engineers in the team.
What is leadership like for this role? What is the structure and culture of the team like?
S.C.O.P.E is headed by Ashok Banerjee, who is the Vice President based out of U.S. vSRC, which is widely known, is part of this organization. The leadership of S.C.O.P.E reporting to Ashok is based out of India, U.S, and Ireland. As part of this role, you will be joining a globally dispersed team led by Emer O’Neill, Director of the VMware Security Response Center. Emer is an experienced technical engineer and manager who joined VMware as a technical support engineer in 2007, and later went into management roles in both Global Support and Research & Development. The team is spread across the globe with some team members working remote and others in VMware Offices including Cork, IE, Palo Alto, CA and Bangalore, India.
The team culture is one based on sharing knowledge for ongoing development, building trust and participating in social events along with giving back to the community through service learning.
Where is the role located?
The role is based in the US with the option of working remotely or in our Palo Alto, California office or our Broomfield, Colorado office. VMware has a policy to empower employees to work from where they feel most productive and healthy whether that is at home, a VMware office or a coffee shop.
What are the benefits and perks of working at VMware?
You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com.
Employee Stock Purchase Plan
Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
Generous Time Off Programs
40 hours of paid time to volunteer in your community
Rethink's Neurodiversity program to support parents raising ren with learning or behavior challenges, or developmental disabilities
Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
Wellness reimbursement and online fitness and wellbeing classes
This job may require the candidate to comply with travel restrictions and/or work from a facility that requires full vaccination prior to entry.
Category : Engineering and Technology
Subcategory: Software Engineering
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2022-02-09
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at https://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.