Global Security PSIRT Engineer (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Global Security PSIRT Engineer (Cybersecurity): Handling complex security vulnerabilities across storage, cloud, and data management products with an accent on triage, technical analysis, and coordinated disclosure. Focus on driving root cause analysis, managing the full vulnerability lifecycle, and maturing PSIRT processes in alignment with industry standards.
Location: Must be based in the United States (Hybrid role with in-office expectations).
Salary: $147,900–$220,000 USD.
Company
is a leader in intelligent data infrastructure, providing unified storage and data services for cloud and enterprise environments.
What you will do
- Triage, verify, and conduct in-depth technical analysis of vulnerability reports from external and internal sources.
- Reproduce vulnerabilities in lab environments and assess risk using CVSS and business context.
- Collaborate with engineering teams to drive root cause analysis and validate fixes and workarounds.
- Manage the full vulnerability lifecycle, including embargo handling, CVE-ID requests, and security advisories.
- Coordinate with external stakeholders such as security researchers and CERT/CC.
- Mentor junior team members and contribute to PSIRT maturity initiatives and process improvements.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent experience.
- 5+ years of experience in security engineering, vulnerability management, or incident response.
- Strong technical knowledge of Linux/Unix, networking, storage systems, and cloud platforms (AWS, Azure, GCP).
- Hands-on experience reproducing and analyzing security vulnerabilities.
- Solid understanding of CVSS, CVE, CWE, and coordinated vulnerability disclosure practices.
- Excellent written and verbal communication skills for technical and non-technical audiences.
Nice to have
- Experience with products like ONTAP or StorageGRID.
- Scripting and automation skills in Python, Bash, or PowerShell.
- Knowledge of SBOMs, software composition analysis, and supply chain security.
- Industry certifications such as CISSP, OSCP, or GIAC.
- Experience with bug bounty platforms like HackerOne.
Culture & Benefits
- Hybrid working environment designed to strengthen connection and collaboration.
- Comprehensive benefits package including health, life, and retirement/pension plans.
- Paid time off and various leave options.
- Employee stock purchase plan and restricted stocks (RSU’s).
- Commitment to an inclusive and accessible workplace with reasonable accommodations.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →