Product Security Engineer Job in Bangalore at Hashicorp

HarshiCorp is hiring for the role of Product Security Engineer!

Responsibilities of the Candidate:

• Contribute to secure architecture and design of HashiCorp products.
• Partner with R&D teams to prioritize security features and bugs, and ensure implementation and mitigations.
• Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations, and assess/communicate associated risks.
• Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp’s products, services, and associated cloud infrastructure.
• Build and implement security solutions across the product lifecycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc.
• Act as SME in multiple information security areas (e.g. security architecture, application security, threat modeling etc.)

 Requirements:

• Product/service architectures in modern cloud environments (IaaS, SaaS, PaaS).
• Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
• Secure development practices, and integration into broader engineering activities.
• Secure operations practices, specifically wrt. cloud environments including Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP)..
• Application and infrastructure security testing methodologies and tools.
• Security design/architecture and threat modeling.
• Vulnerabilities (old and new), and options for defense/mitigation.
• Product vulnerability management lifecycle.
• Security audits, penetration tests, and/or bug bounty programs.