Product Security Engineer - Threat Labs

The Senior Security Engineer/Threat Researcher will be part of Aruba Threat Labs, researching and improving the security of HPE Aruba Networking's products, the company's secure development practices, and the company's vulnerability disclosure processes.RequirementsB.S. or M.S. in software engineering, computer science, cybersecurity, or a related field (or equivalent experience)7+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security disciplineProgramming experience in C and at least one additional language used for secure software development, such as Rust, Go, or PythonHands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworksUnderstanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilitiesStrong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF, and insecure deserializationFamiliarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) toolsKnowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfallsStrong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholdersEffective problem-solving skills and a strong attention to detailAbility to work independently and collaboratively within a geographically distributed teamBenefitsHealth & WellbeingPersonal & Professional DevelopmentUnconditional InclusionOriginally posted on Himalayas

Apply Now