Security Engineer

Company Description

Mirantis helps organizations ship code faster on public and private clouds. The company provides a public cloud experience on any infrastructure from the data center to the edge. With Lens and the Mirantis Cloud Native Platform, Mirantis empowers a new breed of Kubernetes developers by removing infrastructure and operations complexity and providing one cohesive cloud experience for complete app and devops portability, a single pane of glass, and automated full-stack lifecycle management with continuous updates.

Mirantis serves many of the world’s leading enterprises, including Adobe, DocuSign, Liberty Mutual, PayPal, Reliance Jio, Societe Generale, Splunk, and Volkswagen. Learn more at www.mirantis.com.

Job Description

Mirantis is looking for a Senior Security Engineer to help keep the popular Lens product (https://k8slens.dev) secure for its customers. In this role, you will seek security vulnerabilities from the Lens Desktop - an electron based application, built on open source by Team Lens of Mirantis - and all the related cloud based services. You'll work together with Lens engineering teams to prioritize and fix any issues. You'll also drive the efforts for achieving and maintaining industry standard security related certificates and compliances. This position will provide you with challenging opportunities, both technologically and as a leader, but will also be a great deal of fun if hacking a popular cloud native developer tool and related services alongside a team of world class individuals sounds exciting to you.

In this role you'll provide technical leadership and advice to engineering teams and leaders in collaboration with Mirantis information security teams. You'll gain first hand knowledge on how Lens is built and how it operates at a deep, technical level. Additionally, you will leverage the domain knowledge of Lens to identify vulnerabilities in the broader Mirantis product portfolio. Above all else, a strong sense of customer obsession is necessary to focus on the ultimate goal of keeping Mirantis and its customers secure.

Responsibilities:

• Conducting high quality application penetration tests independently, or leading the efforts done by third party contractors
• Identifying security vulnerabilities across various security domains (e.g. system and network security, authentication and security protocols, cryptography, application security) and producing engagement plans and remediation recommendations to address any findings or gaps.
• Leading the efforts for prioritizing and resolving security vulnerabilities, including contributing fixes directly to product, in collaboration with engineering teams
• Driving the efforts for achieving and maintaining security related certifications and compliance (e.g. SOC2)
• Assist other departments, like sales and marketing, to communicate our security posture, compliance, and/or potential gaps in security domain to our customers

Qualifications

• Experience in a penetration testing or information security role
• Experience with security engineering practices, including: web application security, network security, authentication and authorization protocols, cryptography, automation, and other software security disciplines
• Experience with dynamic and manual code auditing to identify security issues
• Experience with interpreted or compiled languages (e.g. Node, JavaScript, TypeScript, Go, C/C++)
• Experience with threat modeling, design review, or other threat analysis techniques
• Experience with cloud service providers and their offerings, and their various technologies and services
• Experience in developing security tooling and automation
• Experience in CVE research, and/or Bug Bounty recognition
• Advanced degree in Computer Science or related field, or equivalent industry experience

Additional Information

• Work with an established leader in the cloud infrastructure industry.
• Work with exceptionally passionate, talented and engaging colleagues, helping Fortune 500 and Global 2000 customers implement next-generation cloud technologies.
• Be a part of cutting-edge, open-source innovation.
• Thrive in the high-energy environment of a young company where openness, collaboration, risk-taking, and continuous growth are valued.
• Receive a competitive compensation package with strong benefits plan.

We are a Leader for Container Management in G2 (#2 after AWS)!