Product Security Engineer - Threat Labs

The Senior Security Engineer/Threat Researcher will be part of Aruba Threat Labs, researching and improving the security of HPE Aruba Networking's products, the company's secure development practices, and the company's vulnerability disclosure processes.

Requirements

• B.S. or M.S. in software engineering, computer science, cybersecurity, or a related field (or equivalent experience)
• 7+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
• Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
• Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks
• Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities
• Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF, and insecure deserialization
• Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
• Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
• Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders
• Effective problem-solving skills and a strong attention to detail
• Ability to work independently and collaboratively within a geographically distributed team

Benefits

• Health & Wellbeing
• Personal & Professional Development
• Unconditional Inclusion

Originally posted on Himalayas