Senior Security Engineer
Senior Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Mirantis is looking for a Senior Security Engineer to help keep the popular Lens product () secure for its this role you will seek security vulnerabilities from the Lens Desktop - an electron based application built on open source by Team Lens of Mirantis - and all the related cloud based services. Youll work together with Lens engineering teams to prioritize and fix any issues. Youll also drive the efforts for achieving and maintaining industry standard security related certificates and compliances. This position will provide you with challenging opportunities both technologically and as a leader but will also be a great deal of fun if hacking a popular cloud native developer tool and related services alongside a team of world class individuals sounds exciting to you.
In this role youll provide technical leadership and advice to engineering teams and leaders in collaboration with Mirantis information security teams. Youll gain first hand knowledge on how Lens is built and how it operates at a deep technical level. Additionally you will leverage the domain knowledge of Lens to identify vulnerabilities in the broader Mirantis product portfolio. Above all else a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Mirantis and its customers secure.
Responsibilities
Conducting high quality application penetration tests independently or leading the efforts done by third party contractors
Identifying security vulnerabilities across various security domains (e.g. system and network security authentication and security protocols cryptography application security) and producing engagement plans and remediation recommendations to address any findings or gaps.
Leading the efforts for prioritizing and resolving security vulnerabilities including contributing fixes directly to product in collaboration with engineering teams
Driving the efforts for achieving and maintaining security related certifications and compliance (e.g. SOC2)
Assist other departments like sales and marketing to communicate our security posture compliance and/or potential gaps in security domain to our customers
Performing quarterly internal security tests of Lens Cloud and Desktop simulating relevant attack scenarios and managing remediation.
Maintaining and updating threat models for core Lens services and supporting architecture security reviews.
Triage and validation of SAST and container scanning results and coordinating remediation with engineering.
Maintaining BCP/DRP policies for Lens running periodic reviews and organizing tabletop exercises.
Monitoring and helping to remediate vulnerabilities in third-party dependencies and container images via Dependabot CodeQL etc.
Auditing secrets usage in Lens codebases and CI/CD pipelines and validating proper use of secret storage solutions.
Assessing security risks associated with new SaaS tools or external APIs used in Lens.
Qualifications :
- Experience in a penetration testing or information security role
- Experience with security engineering practices including: web application security network security authentication and authorization protocols cryptography automation and other software security disciplines
- Experience with dynamic and manual code auditing to identify security issues
- Experience with interpreted or compiled languages (e.g. Node JavaScript TypeScript Go C/C)
- Experience with threat modeling design review or other threat analysis techniques
- Experience with cloud service providers and their offerings and their various technologies and services
- Experience in developing security tooling and automation
- Experience in CVE research and/or Bug Bounty recognition
- Advanced degree in Computer Science or related field or equivalent industry experience
Additional Information :
Why youll love Mirantis
- Work with an established leader in the cloud infrastructure industry.
- Work with exceptionally passionate talented and engaging colleagues helping Fortune 500 and Global 2000 customers implement next-generation cloud technologies.
- Be a part of cutting-edge open-source innovation.
- Thrive in the high-energy environment of a young company where openness collaboration risk-taking and continuous growth are valued.
- Receive a competitive compensation package with strong benefits plan.
- We are a Leader for Container Management in G2 (#2 after AWS)!
It is understood that Mirantis Inc. may use automated decision-making technology (ADMT) for specific employment-related decisions. Opting out of ADMT use is requested for decisions about evaluation and review connected with the specific employment decision for the position applied for. You also have the right to appeal any decisions made by ADMT by sending your request to
By submitting your resume you consent to the processing and storage of your personal data in accordance with applicable data protection laws for the purposes of considering your application for current and future job opportunities.
We are a Leader for Container Management in G2 (#2 after AWS)!
Remote Work :
Yes
Employment Type :
Full-time
Employment Type
Remote
