About This Team
YOU as a Lead Product Security Engineer will have the opportunity to collaborate with the brightest engineering minds and work on innovative product security areas.
Job Description
You are/have worked on Threat Modelling, Source Code Review, Penetration Testing and performing security analysis on existing or new products. Provide security guidance and input to product engineers. You have worked on problems of varied scope independently and able to drive strategy for Product Security in the limited scope of work and provide general guidance and/or direction on routine work to achieve overall program performance, schedule, and quality standards
Position Overview
Lead Product Security Engineer is responsible for leading and executing the Security Development Lifecycle (SDL) for Cloud Software Group On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness and drive and execute SDL best practices
Duties and Responsibilities
You will be responsible for leading and executing the Secure Software Development Lifecycle (SSDLC) for Cloud Software Group On-Prem and Cloud products to ensure that our software meets the customer expectation of security robustness.
You will provide guidance to product development teams on design changes as per security requirements.
Manual Source Code Review primarily C and C++ programming languages
Crash Exploitability Analysis - Analyze Crashes to Find Security Vulnerabilities using tools such as gdb (Good to have)
Execute the penetration tests internally to identify security vulnerabilities
Identify opportunities to prevent security problems at scale, Develop prototypes to prevent these security problems.
Basic Qualifications
10+ years of experience in a software security role such as blue team
You have a Full-time degree in Engineering (Preferably Computer Science related)
You are an expert in at least one of these areas in security – Unix System, Network, Cryptography
Strong C, C++ skills , Linux - Linux knowledge (low level preferred).
Good knowledge of Networking (TCP/IP) and other protocols like HTTP/S, DNS, et.al.
Basic understanding of File system concepts.
Experience with object-oriented design concepts.
Debugging Skills like GDB, core dump analysis and understanding Makefile concepts.
Extensive knowledge of common vulnerabilities - able to explain and remediate the OWASP Top 10 vulnerabilities across multiple programming languages
Reverse Engineering (Good to have)
Fuzzing using tools such as AFL, Peach (Good to have)
Deep understanding of application architecture and design principles
Experience in design review and threat modelling activities
You are capable of writing exploits for vulnerabilities identified in those respective areas.
Have excellent capabilities to identify security vulnerabilities and perform root cause analysis.
Good to have certifications such as OSCP, OSCE, GPEN, CRTP etc.
About Us:
Citrix and TIBCO recently merged to create Cloud Software Group, now one of the world’s largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done — from anywhere. Members of our team will tell you that we value diverse lived experiences, passion for technology, and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.
Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications.
Cloud Software Group will consider qualified applicants with a criminal history and conduct the recruiting process in accordance with the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers and San Diego Fair Chance Ordinance. For access to the laws see the following links: California FCA and Los Angeles FCO.
If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at (800) 424-8749, HR directly via (954) 229-6896 or email at AskHR@cloud.com for assistance.
Citrix has mentorship programs with students. Employees do volunteer work at food banks, parks and beaches. It really makes me feel like Citrix cares about the community. That’s something you don’t see at a lot of companies.
- Security Engineering Supervisor
There is a constant flow of ideas, which comes from our inner passion for engineering and that’s enormously motivating.
- Senior Software Engineer
There’s opportunities to become a tester, a developer, or more of an organizational agile lead. All of those are interesting to me, and what’s great is that my manager and the rest of my team will support me in whichever way I decide.
- Software Engineer I
In Citrix, we have customers ranging from most of the Fortune 500 companies to thousands of small businesses. We use very intelligent automation, monitoring and alerting procedures to make sure our Cloud products are always up and running.
- Senior Manager Site Reliability Engineering
I’ve been interested in working in tech ever since I was a little girl and I’m thrilled to work for a company that helps to secure the world and allows employees to access their company’s resources in a very secure manner.
- Security Engineer
Sign up for alerts on jobs like this one!
Thank you
You are now being redirected to complete your application