Product Security Engineer
Cluj-Napoca, Romania
8x8, Inc.
The 8x8 unified platform for contact center, business phone, video, chat, and APIs helps companies of any size deliver differentiated customer experiences.For additional information, visit www.8x8.com, or follow 8x8 on LinkedIn, Twitter and Facebook.
At 8x8 we value security and recognize the importance of ensuring the integrity and confidentially of global communications. We are looking for a Product Security Engineer with a passion for security and technology to help us secure our next generation communication platform. This role is responsible for conducting both source code analysis and dynamic security assessments and working with 8x8 technical teams to remediate any identified security issues.
Responsibilities:
- Perform manual penetration testing and source code review to identify complex vulnerabilities
- Participate in product architecture reviews
- Provide guidance and support for security automation within CI/CD processes and procedures
- Collaborate with engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC)
- Assist with researcher engagement in bug bounty program, validation of reports, and drive timely remediation
- Vulnerability management scanning, prioritizing results, identification of responsible stakeholders, and driving resolution within defined SLA targets
Qualifications:
- Previous experience in information security
- Demonstrated enthusiasm for information security (e.g., GitHub repo, blogs, presentations, conference talks, local security association member, etc.)
- Strong knowledge of web protocols
- Web application testing: e.g. Metasploit, BurpSuite, ZAP
- Well versed in OWASP Top 10 and CWE vulnerability classifications
- Knowledge of SQL injection, XSS, RCE, buffer overflows, filter invasion, and other application-layer attacks
- Familiarity with source code analysis products and validation (Github Advanced Security, Coverity, Veracode, Fortify, SonarQube, etc.)
- Excellent communication and interpersonal skills
- Ability to work independently as well as in a team environment
Nice to have:
- Knowledge of SIP, XMPP, or other VoiP communication protocols
- Experience with cloud architecture (AWS, OCI, GCP)
Working at 8x8:
- Industry leading, award winning technology and recognised on two Gartner Magic Quadrants
- Inclusive, supportive and collaborative culture yet with a winning mentality
- Encouragement and environment to make a difference
- Fun – check out our Instagram posts in the UK, Romania and the US, the smiles are real
- Deep passion for doing the best for our customers, giving them the best service and the best technology
Benefits:
- 25 annual leave days. Additional vacation of 1 leave day for every 2 complete years of employment (max. up to 5 days)
- Bank Holidays (Public Holidays) during the weekend, are observed on weekdays
- Participation in the company’s bonus scheme – based on company performance and individual performance
- Private Pension
- Group Life Insurance
- Private Healthcare
- Meal Tickets
- Telecom allowance
- Newborn allowance
- Christmas and Easter Allowance
- Flexible Benefits Platform
- Employee engagement activities and events
- Learning and training initiatives
- Flexible working schedule
- Employee Stock Purchase Plan
For a closer look into what life at 8x8 International and the Cluj office look like check out our Instagram page.
8x8 believes diversity makes our company stronger which is why we are a proud equal opportunities employer and encourage all of our staff to bring their authentic selves to work. We believe in fairness and we believe in security so reserve the right to undertake background checks on anyone that we extend an employment offer to.For European Job Applicants our Job Applicant Privacy Notice can be found here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Automation AWS Burp Suite CI/CD Cloud Code analysis GCP GitHub Metasploit OWASP Pentesting Privacy Product security SDLC Security assessment SonarQube SQL SQL injection Veracode Vulnerabilities Vulnerability management Web application testing XSS
Perks/benefits: Career development Flex hours Flex vacation Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs