We are looking for a Principal Vulnerability Engineer who will be part of the security vulnerability team for the Java platform. This team conducts both the red team (offensive) and blue team (defensive) duties. Responsibilities will include proactive research, security tooling, assessments, and assisting development teams with security code review. Qualified candidate must have at least 10+ years of hands-on experience in platform security, deep knowledge of Java security model is a must. Minimum 10+ years of hands-on experience with security protocols and best practices are required. Ideal candidate is expected to work independently on assigned tasks. Proven past experience in successful security incident resolution and proactive research utilizing industry standard tools is a must-have. Past research and CVEs on Java security issues are a plus. Must have proficiency in Java, and expert level C/C++ skills, and systems level programming. Great personal leadership, self-starter, ability to work with remote teams and communication skills are required.
Career Level - IC4
Responsibilities will include proactive research on new vulnerability signatures for the Java platform, create and maintain security tooling for the Java platform, conduct security assessment for new features that will be integrated into the JDK, and assisting development teams with security code review.