Sr Staff Software Engineer (Expanse)
New York City, United States
Full Time Senior-level / Expert USD 175K+
Palo Alto Networks
Implement Zero Trust, Secure your Network, Cloud workloads, Hybrid Workforce, Leverage Threat Intelligence & Security Consulting. Cybersecurity Services & Education for CISO’s, Head of Infrastructure, Network Security Engineers, Cloud...Company Description
Our Mission
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
Our Approach to Work
We lead with flexibility and choice in all of our people programs. We have disrupted the traditional view that all employees have the same needs and wants. We offer personalization and offer our employees the opportunity to choose what works best for them as often as possible - from your wellbeing support to your growth and development, and beyond!
At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work from the office three days per week, leaving two days for choice and flexibility to work where you feel most effective. This setup fosters casual conversations, problem-solving, and trusted relationships. While details may evolve, our goal is to create an environment where innovation thrives, with office-based teams coming together three days a week to collaborate and thrive, together!
Job Description
Your Career
The Cortex Vulnerability Intelligence team is expanding, and we’re looking for a Software Engineer to join our team. At Xpanse, we work to make the internet a safer place for our customers. The Cortex Vulnerability Intelligence team builds the software that provides customers and internal teams vulnerability landscape context, allowing us to determine whether customer systems are vulnerable to various threats. This allows customers to prioritize and remediate critical vulnerabilities using the XSIAM platform.
Your Impact
Design, build, and maintain software that matches customer systems to vulnerabilities (CVEs) using internal and external threat intelligence data feeds.
Build an in-depth understanding of the vulnerability intelligence landscape, including what our customers need to run successful vulnerability management programs.
Take part in architecture strategy sessions; design solutions that accommodate the requirements of the various groups across Cortex.
Collaborate with teams to solve problems, reduce technical debt, and evolve development practices. Drive technical best practices and evangelize new technologies within the engineering org.
Mentor other engineers and ensure that your team delivers high-quality output.
Take ownership of projects, drive them to completion, and support them in production.
Qualifications
Your Experience
3+ years of experience as a professional software engineer writing back end software.
Experienced and opinionated about API design and distributed backend systems. Able to switch between research, design, prototype, and implementation.
Experience using cloud managed services (ideally in GCP).
Experience working in vulnerability management or incident response, or working closely with teams performing these functions.
Proficient in Python, Golang, and/or Java, with the ability to learn new languages as needed.
Some familiarity with common open source security software such as Nuclei, OpenVAS, and Nmap.
Strong knowledge of CVE landscape, vulnerability management workflows, patching strategies, and open source threat data (e.g., VulnCheck).
Basic understanding how a variety of exploits work and shows skills in enumerating and selecting the correct exploit for a given system.
Nice To Haves
Cybersecurity knowledge demonstrated with base level certifications (eg OSCP, GPEN, or Pentest+) or willingness to obtain.
Familiarity with current penetration and security assessment tools such as Metasploit, Nmap, Burp Suite, Wireshark, etc.
Knowledge of common networking protocols such as HTTP, DNS, DHCP, ARP, FTP, etc. Basic knowledge in other less common protocols such as ICS/SCADA or database protocols.
Experience contributing to open source software.
Additional Information
The Team
To stay ahead of the curve, it’s critical to know where the curve is, and how to anticipate the changes we’re facing. For the fastest growing cybersecurity company, the curve is the evolution of cyberattacks, and the products and services that proactively address them. Our engineering team is at the core of our products – connected directly to the mission of preventing cyberattacks. They are constantly innovating – challenging the way we, and the industry, think about cybersecurity. These engineers aren’t shy about creating products to solve problems no one has tackled before. They define the industry, instead of waiting for directions. We need individuals who feel comfortable in ambiguity, excited by the prospect of challenge, and empowered by the unknown risks facing our everyday lives that are only enabled by a secure digital environment.
Our engineering team is provided with an unrivaled opportunity to build the products and practices that will support our company growth over the next decade, defining the cybersecurity industry as we know it. If you see the potential of how incredible people's products can transform a business, this is the team for you. If you don’t wait for directions, instead, identifying new features and opportunities we have to just get better, this is your new career.
Our Commitment
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
The compensation offered for this position will depend on your degree or progress toward degree, qualifications, experience, and work location. For candidates who receive an offer, the starting rate is expected to be $175,000/yr for the specific role.
Is role eligible for Immigration Sponsorship?: Yes
Tags: APIs Burp Suite Cloud DNS Exploit Exploits GCP Golang GPEN ICS Incident response Java Metasploit Nmap Open Source OpenVAS OSCP Python SCADA Security assessment Strategy Threat intelligence Vulnerabilities Vulnerability management
Perks/benefits: Career development Medical leave Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs