The Job Network · 2 days ago
Sr. Engineer, Application Security / Sensor - Product Security (Remote)
Maximize your interview chances
Staffing & Recruiting
Insider Connection @The Job Network
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Join project teams working on product improvements and new products as a security expert and advisor, influencing the design and capabilities of our world-class endpoint protection products, with a focus on the endpoint sensors
Create and update threat models to help drive security decisions
Read and review source code for applications, looking for security flaws and vulnerabilities; you’ll have tools to help you but you’ll be digging deeper than tools can
Think like a hacker and attack endpoint applications with kernel components, mostly before they go to production; again, you’ll have tools to help you, but you’ll do more than tools can
Work with developers to help them understand problems, risks, design weaknesses, etc. and figure out good solutions
Build small tools and automation to make your life/your team’s life/developers’ lives easier
Validate and replicate some kinds of bug bounty reports, and hunt for similar issues in affected applications
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Experience programming in or assessing security of C/C++ apps for Windows, Linux or Mac
Understanding of system internals and security features for Windows, Linux or Mac
Comfort with concurrency considerations in multi-threaded applications
Understand the security implications of containerization and virtualization
A working understanding of how software products are created and shipped in Agile/DevOps like environments – enough to have a positive working relationship with product engineers
A solid understanding of common software weaknesses that impact endpoint and client/server applications
Comfort with collaborating across technical teams: asking technical questions, challenging assumptions, getting or providing context for decisions, etc.
Preferred
C/C++ programming/review
Experience with debuggers like Ghidra, IDA Pro, or other similar tools
Experience developing/maintaining automation for application security tasks
Experience developing and using threat models, especially using STRIDE
Application penetration testing experience, especially if it includes testing against install packages and control bypass methods
Reverse-engineering or malware analysis, or related security research capabilities
Company
The Job Network
TheJobNetwork is a leading recruitment advertising network that connects employers and qualified talent across hundreds of trusted local and niche publisher job sites that are powered by RealMatch, Inc.
Funding
Current Stage
Growth StageCompany data provided by crunchbase