Principal Software Engineer - Security
Remote, United States
Red Hat
Red Hat is the world’s leading provider of enterprise open source solutions, including high-performing Linux, cloud, container, and Kubernetes technologies.
About the job
The Red Hat Product Security team is looking for a Software Engineer. In this role, you will work as part of a team responsible for the development and maintenance of applications that generate vulnerability metadata (published in standardized formats such as CSAF VEX or OVAL) for our customers and 3rd party scanning vendors. You will work on establishing a software component registry to enable governance of components making up our products. All applications are mostly backend-heavy and written in Python.
In this role, you will be a part of a small team (~10 developers) whose focus is on crafting highly usable tools, services, and solutions. You will frequently have to solve challenging data problems, be comfortable with learning new technologies when the need arises, and collaborate with other team members to align on a common vision for the entire application portfolio.
What you will do
- Design and develop a registry for tracking software components in our products (example: create a manifest for RHEL).
- Design and develop tooling to generate a SBOM for our products.
- Design and develop an API that internal teams can use to query our software component registry (example: can component X in version Y be used to build Z? What is the license of component X in version Y?)
- Improve and maintain CI/CD pipelines of applications deployed in various environments (example: improving automated deployment to an OpenShift cluster).
- Serve as an adviser to our stakeholders on process-related inquiries (example: advise on the data model for storing CVEs that impact component X).
- Continuously improve the process of Red Hat's software delivery (example: suggest/implement automation for legal approval of components in the registry).
What you will bring
- Advanced (5+ years) knowledge of the Python programming language and its ecosystem
- Intermediate (3+ years) experience with Linux system administration
- Intermediate (3+ years) experience with relational databases (PostgreSQL)
- Interest in the container ecosystem (that is, Kubernetes, Red Hat OpenShift, Docker, Podman)
- Well versed in agile methodologies and comfortable with rapid iteration and fast delivery
- Good understanding of system architecture
- Good written and verbal communication skills in English
Nice to have
Any hands-on experience with the following tools and technologies is not required, but interacting with them will be a part of your daily job responsibilities:
- Django, Celery, JavaScript/HTML/CSS
- Ansible, OpenShift
- GitLab CI
The salary range for this position is $135,370 to $179,350. Actual offer will be based on your qualifications.