Member of Technical Staff (Security Engineering) - Opportunity for Working Remotely @ VMware - New York, NY

Job Overview

2 months ago

Member of Technical Staff (Security Engineering) - Opportunity for Working Remotely

VMware - New York, NY

The Elevator Pitch:


The world is changing fast, and the security engineering space is changing even faster! Corporations, governments, schools, hospitals are in desperate need for digital
transformation at a rapid space. VMware is driving this transformation for 350,000 customers (which includes 98% of Fortune 500). You won’t find another company that offers the breadth of innovative technology. Now imagine the opportunity to work on securing the products and services which VMware creates on cutting edge technologies. You would be exposed to the broad technology stack which you can break / hack into and help secure. This opportunity provides an endless possibility to learn, grow and flourish as a product security engineer.
This product security engineer role is part of the S.C.O.P.E organization, which expands to Security, Compliance, and Privacy Engineering. As part of this role in product security, you will be responsible for identifying security design flaws and vulnerabilities, and offering potential remediation recommendations. Also, you will have the opportunity to collaborate with, but not limited to, security architects, development teams across VMware, and other security engineers in the team, who work on various areas such as, virtualization, software-defined networking, cloud security, and Kubernetes. If you have the drive to work on securing the next big thing, we would love to talk!

Success in the Role: What are the performance outcomes over the first 6-12 months you will work toward completing?


The following is a schedule for the first year of joining:
  • Within 1 month of employment, learn the product/SaaS offering which you will help secure, the technology stack which they use, become familiar with the attack vectors in the related domain, and get accustomed to the code base, recent externally reported vulnerabilities, release cycles etc.
  • Within 3 months of employment, work towards becoming competent in handling secure design reviews, threat model activities, scoping penetration testing and perform security testing of products/SaaS.
  • Within 1 year of employment, work towards becoming competent in handling multiple products and SaaS offerings, along with automating security test cases and finding innovative ways of identifying vulnerabilities in quick time and covering the entire blast radius.

The Work: What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?

As a product security engineer, you will:
  • Work on assessing the security for products as they evolve with new features
  • Work on product / SaaS offering / Solution for secure design reviews and threat modelling
  • Scope for penetration tests
  • Perform penetration testing at product / SaaS offering / Solution level
  • Perform manual secure code reviews
  • Identify security vulnerabilities and control gaps
  • Provide actionable and practical mitigations to address security vulnerabilities by working closely with the development teams
  • Generate penetration test report
  • Analyze externally reported vulnerabilities
  • Automate repeatable security tests
  • Penetration testing skills in Web, System, Container, Mobile, Network, and Cloud based technologies
  • Secure design reviews and threat modelling
  • Familiarity with SAST and DAST tools
  • Manual secure code review (not limiting to): Java, C/C++, C#, JavaScript, Go, Python
  • Experience with coding/scripting in one or more of the following (not limiting to): Python, Ruby
  • Vulnerability assessment

Preferred qualifications:
  • CTF experience
  • Public track record of security research like, CVEs, bug bounty recognition, conference presentation
  • Security automation like, (not limited to) Burp suite automation, familiarity with Frida
  • Opensource vulnerability assessment
  • Programming experience in one or more of the following (not limiting to): Java, C/C++, C#, JavaScript
  • Security certifications
  • Bachelor’s degree in a technical discipline
  • Good verbal and written communication skills

What is the leadership like for this role? What is the structure and culture of the team like?


S.C.O.P.E is headed by Ashok Banerjee, who is the Vice President based out of U.S. vSECR, which is widely known, is part of this organization. The leadership of S.C.O.P.E
reporting to Ashok is based out of India, U.S, and Ireland. As part of this role, you will be joining the US team, which is headed by Madhusudan H.N in Bangalore, India. The
leadership encourages independent thinking and gives a free hand to innovate.
The team is distributed across the globe, in India, U.S, and Europe. We have a diverse, inclusive and open culture in the team. We encourage continuous learning, sharing of ideas
and thoughts, and growing together as a team. The team consists of majorly security engineers with experience ranging from less than a year to more than 10 years. We also have a good presence of technical product managers, full stack developers, and security architects. The team is built on trust and empathy, and we celebrate each other’s successes.

Where is the role located?


Either of the following can be opted.
The location of this role is flexible within US. Work will be done from an office some days during a week and other days from a non-VMware building.
This role is fully remote and can be done anywhere in US.


What are the benefits and perks of working at VMware?

You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com.

  • Employee Stock Purchase Plan

  • Medical Coverage, Retirement, and Parental Leave Plans for All Family Types

  • Generous Time Off Programs

  • 40 hours of paid time to volunteer in your community

  • Rethink's Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities

  • Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)

  • Wellness reimbursement and online fitness and wellbeing classes


Due to the Biden Administration issuing an Executive Order (EO) that effectively mandates COVID-19 vaccination for all U.S. based employees of federal contractors and subcontractors, all U.S. based VMware employees will be required to have their final vaccination dose (e.g., second dose of Pfizer or Moderna, or single dose of J&J) by January 4, 2022. Specifically, this means that all U.S. based VMware employees will need to be fully vaccinated by January 18th, 2022, or by their first date of employment if after that date, subject to legally required accommodations.


Category :
Engineering and Technology
Subcategory: Software Engineering
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2021-12-07


VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.

Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.

Similar Jobs

Overnight Stock - Part Time

BJ's Wholesale Club, Inc.

Long Island City, NY

Ensure a safe and positive environment and experience for the members. Stocks, rotates, and stores general merchandise and/or food in the club.

Recovery Clerk-Part Time

BJ's Wholesale Club, Inc.

Bronx, NY

Provides members with prompt and courteous service and assistance. Ensure a safe and positive environment and experience for the members.

Overnight Grocery Team Member (Stocker, Inventory, Receiving)-Full Time

Whole Foods Market

Garden City, NY

Provides overnight support for assigned team to include receiving and preparing product and maintaining the floor, displays, and back stock in accordance with…

Chief of Staff, Executive Office

NEO Philanthropy

New York, NY

The Chief of Staff will be a critical member of the NEO leadership team whose success will require. Grant making funds on a range of social justice issues,…

Part Time (30 hours) Associate Banker-Eastern Queens,NY

JPMorgan Chase Bank, N.A.

Queens Village, NY

Helping build relationships with customers by connecting them with team members who can help them address their financial needs.

Cashier-Part Time

BJ's Wholesale Club, Inc.

Long Island City, NY

Ensure a safe and positive environment and experience for the members. Collects payments via cash, check, or other charge payments from members.

Part-Time (30 hours) Associate Banker-Northwest Queens

JPMorgan Chase Bank, N.A.

Long Island City, NY

Helping build relationships with customers by connecting them with team members who can help them address their financial needs.

Store Team Member (Cashier, Stocker, Animal Care)

Pet Supplies Plus

Manhasset, NY

Educate a sixth grader on bird ownership. Stock shelves and ring up neighbors’ purchases. …all while engaging with our neighbors and smiling in the face of…

Retail Sales Associate

Staples Stores

Bronx, NY

You’ll provide exceptional customer service and have our customer’s needs in mind while helping them find products and providing solutions (training provided).

Part-Time (30 hours) Associate Banker - North Central Queens (Flushing, Jackson Heights)

JPMorgan Chase Bank, N.A.

Flushing, NY

Helping build relationships with customers by connecting them with team members who can help them address their financial needs.

Store Team Member-Daytime/Weekday (Cashier, Stocker, Animal Care)

Pet Supplies Plus

Oceanside, NY

We are currently looking for daytime Team Members for mostly weekdays and some weekends if available. Educate a sixth grader on bird ownership.

PMO Office of Global Confidentiality, Privacy and Data Security Sr. Consultant

Deloitte

New York, NY

Manage distribution lists for team, member firms, and DTTL contacts. Coordinate meetings such as all-hands team meetings, leadership webinars and conferences…

Customer Success Manager

Appsflyer

New York, NY

The ideal candidate believes in personalized service, thrives in cultivating business relationships, and can navigate the mobile ecosystem with ease.

Head of Account Management

Appsflyer

New York, NY

Be a negotiator - Contribute to complex negotiations and the closing of business; leverage executive team members to improve results.

Collections Specialist

Appsflyer

New York, NY

Performs a variety of complex accounting functions for billing. This position performs routine payment posting, and problem solving for various customers.

Restaurant Team Member

Burger King

Easton, PA

You will be trained on all crew positions such as, cashier, drive thru, and the sandwich board. Holding yourself to high standards of integrity and customer…

Branch Manager - South Central Queens, NY

JPMorgan Chase Bank, N.A.

Fresh Meadows, NY

Create an environment that encourages team members to provide an exceptional customer experience and a dynamic and engaging culture.

Territory Manager

GE Healthcare

New York, NY

Consults supervisor or more senior team members for issues outside of defined instructions/parameters. As Territory Manager, you will be responsible for selling…

Computer Instructor for Senior Center PSRL

Selfhelp

New York, NY

Call each class member and staff to advise them when unable to come to work. Job Summary: Prepares and conducts classes, including coordinating the curriculum,…

Overnight stock -Part Time

BJ's Wholesale Club, Inc.

West Nyack, NY

Ensure a safe and positive environment and experience for the members. Stocks, rotates, and stores general merchandise and/or food in the club.

Global Anti-Corruption and Financial Crime Compliance Senior Analyst

Deloitte

New York, NY

Support the annual project relating to the assessment of Deloitte member firm's Anti-Corruption, AML and Trade Controls (Sanctions and Export Controls)…

Cashier

The Cheesecake Factory

Yonkers, NY

From behind our beautiful bakery counter, cashiers take orders and handle payments for walk-in guests, providing an experience that’s just as memorable as when…

PMO Office of Global Confidentiality, Privacy and Data Security Sr. Consultant

Deloitte

Jericho, NY

Manage distribution lists for team, member firms, and DTTL contacts. Coordinate meetings such as all-hands team meetings, leadership webinars and conferences…

Global Strategy and Innovation Consultant

Deloitte

New York, NY

Building relationships and establishing trust with team members and relevant stakeholders. Bringing a strategic mindset and structured approach to problem…

Ad