Senior Product Security Engineer
Position Summary
Do you like securing complex cloud services and infrastructure? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Sr. Product Security Engineer, experienced with modern cloud system development and infrastructure-as-code practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success.
We're looking for candidates with a mix of cloud security, infrastructure security, security information and event management (SIEM) technologies, DevOps, and software development experience, who enjoy working in a collaborative environment and taking direct action to identify, remediate and prevent vulnerabilities and security issues.
You must have experience securing cloud environments and modern computing infrastructure, deploying and operating SIEM tools, and strong familiarity with Infrastructure-as-Code and container technologies.
Key Responsibilities
Implement and operate Splunk Cloud Platform and Enterprise Security, including setting up log ingestion from required source systems and ensuring correct parsing and categorization of log events for effective SIEM operations
Implement and operate endpoint detection and response (EDR) and network detection & response (NDR) solutions
Develop system configuration and hardening standards and coordinate with other teams to ensure compliance with those standards
Define standards for secure configuration of application and infrastructure components
Perform threat modeling, security design reviews, code reviews, and consultations with other staff
Build and improve vulnerability management processes and tooling to support system owners to successfully remediate issues
Perform, automate and streamline patching and vulnerability remediation activities
Develop and deliver training on cloud security issues, best practices and internal policies
Select, implement and manage cloud security tools including cloud security posture management (CSPM), network/host/container/IaC vulnerability scanners and configuration auditing
Participate in manual pen testing of new + existing systems
Perform and/or lead security investigation and incident response activities
Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
Required Qualifications
Bachelor’s degree or equivalent experience in computer science, engineering, or information technology
8+ years of experience in security engineering, software development and/or DevOps, with a focus on securing complex systems and modern cloud infrastructure
Strong experience securing AWS cloud platform and services, including the implementation of guardrails using service control policies (SCPs), IaC policies, CSPM, or similar strategies
Experience implementing Splunk Enterprise Security to monitor cloud-based systems
Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
Experience securing cloud-based web applications, APIs, data and infrastructure
All R&D Employees will be required to attend 2 mandatory in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each
Must be a US citizen or lawful permanent resident (i.e., green card holder) (in order to support restricted access network environments)
Preferred Qualifications
Experience securing software-as-a-service (SaaS) and cloud service offerings
Experience with meeting FedRAMP, NIST SP 800-53 and similar compliance requirements
Experience deploying or managing EDR and NDR solutions (such as ExtraHop RevealX)
Experience securing Google Cloud Platform (GCP) and Azure
Experience working in a security operations center (SOC) and/or leading security incident response activities
Solid knowledge of Kubernetes, Git, Python, Terraform, Ansible, and the use of scripting in support of security automation, CI/CD pipelines
The base salary for this position rages from 136,600 - 180,380 plus bonus + benefits
About the job
Apply for this position
Senior Product Security Engineer
Position Summary
Do you like securing complex cloud services and infrastructure? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Sr. Product Security Engineer, experienced with modern cloud system development and infrastructure-as-code practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success.
We're looking for candidates with a mix of cloud security, infrastructure security, security information and event management (SIEM) technologies, DevOps, and software development experience, who enjoy working in a collaborative environment and taking direct action to identify, remediate and prevent vulnerabilities and security issues.
You must have experience securing cloud environments and modern computing infrastructure, deploying and operating SIEM tools, and strong familiarity with Infrastructure-as-Code and container technologies.
Key Responsibilities
Implement and operate Splunk Cloud Platform and Enterprise Security, including setting up log ingestion from required source systems and ensuring correct parsing and categorization of log events for effective SIEM operations
Implement and operate endpoint detection and response (EDR) and network detection & response (NDR) solutions
Develop system configuration and hardening standards and coordinate with other teams to ensure compliance with those standards
Define standards for secure configuration of application and infrastructure components
Perform threat modeling, security design reviews, code reviews, and consultations with other staff
Build and improve vulnerability management processes and tooling to support system owners to successfully remediate issues
Perform, automate and streamline patching and vulnerability remediation activities
Develop and deliver training on cloud security issues, best practices and internal policies
Select, implement and manage cloud security tools including cloud security posture management (CSPM), network/host/container/IaC vulnerability scanners and configuration auditing
Participate in manual pen testing of new + existing systems
Perform and/or lead security investigation and incident response activities
Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
Required Qualifications
Bachelor’s degree or equivalent experience in computer science, engineering, or information technology
8+ years of experience in security engineering, software development and/or DevOps, with a focus on securing complex systems and modern cloud infrastructure
Strong experience securing AWS cloud platform and services, including the implementation of guardrails using service control policies (SCPs), IaC policies, CSPM, or similar strategies
Experience implementing Splunk Enterprise Security to monitor cloud-based systems
Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
Experience securing cloud-based web applications, APIs, data and infrastructure
All R&D Employees will be required to attend 2 mandatory in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each
Must be a US citizen or lawful permanent resident (i.e., green card holder) (in order to support restricted access network environments)
Preferred Qualifications
Experience securing software-as-a-service (SaaS) and cloud service offerings
Experience with meeting FedRAMP, NIST SP 800-53 and similar compliance requirements
Experience deploying or managing EDR and NDR solutions (such as ExtraHop RevealX)
Experience securing Google Cloud Platform (GCP) and Azure
Experience working in a security operations center (SOC) and/or leading security incident response activities
Solid knowledge of Kubernetes, Git, Python, Terraform, Ansible, and the use of scripting in support of security automation, CI/CD pipelines
The base salary for this position rages from 136,600 - 180,380 plus bonus + benefits