R&D Principal Software Engineer - Security Engineering
R&D Principal Software Engineer - Security Engineering
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Please Note:
1. If you are a first time user please create your candidatelogin account before you apply for a job. (Click Sign In > Create Account)
2. If you already have a Candidate Account please Sign-In before you apply.
Job Description:
The Elevator Pitch: Why will you enjoy this new opportunity
VMware by Broadcom products and services are trusted by various organizations for their mission critical systems. Many of these systems demand the highest confidentiality and are of extreme interest to nation state actors. The vSECR team within the VCF (VMware Cloud Foundation) Division at Broadcom is responsible for defending these products services and their supply chains.
If helping find and fix security holes in these systems is your idea of a fun career then you should come join this team. Working alongside other highly motivated and capable security engineers you will get first-hand experience in modern threats attack and defense techniques.
Success in the Role: What are the performance outcomes over the first 6-12 months you will work toward completing
Security Engineers on this team are responsible for finding new vulnerabilities in VMware products and services assessing threats analyzing externally reported vulnerabilities developing PoC exploits utilizing exploit kits providing vulnerability mitigations virtual patches workarounds and fix recommendations. They achieve this by performing feature security reviews baseline security tests fuzzing reviewing/writing code security tool development/integration security architecture and other techniques.
In the first 6mths you will be expected to become intimately familiar with the products/components and supply chain security concerns assigned to you. You should also be able to perform architecture reviews assess threats and perform security testing to find and fix security gaps in those components in collaboration with a member of your team. Within 1yr you are expected to be fairly independent in doing product and supply chain security assessments as well as driving mitigations/remediations with product and service development teams.
The Work: What type of work will you be doing What assignments requirements or skills will you be performing on a regular basis
Perform security architecture reviews for both our products services and supply chain components like build/release pipelines component sourcing etc
Methodically create/execute feature and system test plans and automate your efforts
Perform an offensive analysis of VMware products and cloud services with an assumed breach mindset and create formal threat models
Use your code reading and writing skills to discover security defects as well as enable developer efficiency
Perform RCCA and present on high profile vulnerabilities to executive staff
Monitor and develop intelligence sources to maintain situational awareness of the cyber threat landscape
Make entire kill-chain understandable for an engineering audience
Proficient in Python and at least one of C/C or Java
Bachelors degree in Computer Science or related field and 12 years of related experience or Masters degree in Computer Science or related field and 10 years of related experience.
Broadcom is proud to be an equal opportunity employer. We will consider qualified applicants without regard to race color creed religion sex sexual orientation national origin citizenship disability status medical condition pregnancy protected veteran status or any other characteristic protected by federal state or local law. We will also consider qualified applicants with arrest and conviction records consistent with local law.
If you are located outside USA please be sure to fill out a home address as this will be used for future correspondence.
Required Experience:
Staff IC
Employment Type
Full-Time
