Product Security Engineer I Job in Infoblox

What you ll do: Conduct cloud infrastructure and application vulnerability assessment in agile cloud development environment using open source and commercial tools Validate and triage identified vulnerabilities and application security defects Track remediation efforts of triaged vulnerabilities to their completion Contribute to the development and maintenance of vulnerability management tools and CI/CD integrations Provide technical documentation to development teams describing vulnerabilities and impact Create and maintain documentation as it relates to vulnerability management and penetration testing processes, standards and recommendations Perform penetration testing of web application, API s, thick clients, mobile application, Onprem and SaaS services following OWASP methodologies Research and develop proof of concepts on publicly available exploits for known/0Day vulnerabilities What you ll bring: Minimum 4 years of years experience in vulnerability management and penetration testing Hands-on experience managing: Vulnerability scanning tools Container and dependency (OSS libraries) scanning tools Docker and Kubernetes Security administration in AWS and Azure CI/CD and DevOps Tooling (Git, Jenkins, CircleCI) Infrastructure as code tools (Ansible, CloudFormation, Terraform) Experience in agile methodologies with secure software development life-cycle involving SAST & DAST tools (Coverity, CodeQL, SonarQube, Contrast) Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (reverse proxies, WAF), DNS Security, DoH & DoT Experience working with a POSIX system such as Linux or macOS Familiarity with Shell Scripts, Python or Golang is a major plus Good understanding of cyber security frameworks like OWASP, SANS, NIST, CIS etc One or more security certifications CEH, CISA, GSEC, OSCP, CISSP etc Excellent verbal and written communication skills with a strong attention to details MS/M.tech or BE/BS/B.tech in Computer Science or related field, or equivalent work experience required What success looks like: In the first six months, you will Understand the scope of Infoblox products, cloud infrastructure and SaaS services that require vulnerability assessment and penetration testing Reach proficiency with process and procedures laid out for the team in delivering best in class cyber security services Build knowledge and hands-on experience on cutting edge technologies Understand the team of engineers and current state After the first year, you will Be an independent key contributor to the team Participate in rotational watchdesk responsibilities as applicable Provide recommendations for security posture improvements Identify emerging security threats and trends