CrowdStrikeRemote
Engineer III, Software Assurance - Product Security (Remote)
United States of America
Full Time
3 weeks ago
$120,000 - $180,000 USD
H1B Sponsor Likely
Key skills
Security systems designLinux/Unix securityScripting languagesCICD pipelinesNetworking knowledgeSoftware signing operationsMonitoring toolsSource control managementCloud platform securitySelf-motivatedJavaScriptPythonGolangShellAIJenkinsS3PrometheusDatadogSplunkGitHubBitbucketSource Control
About this role
CrowdStrike is a global leader in cybersecurity, dedicated to stopping breaches with its advanced AI-native platform. The role involves assessing, designing, and implementing security controls for the software supply chain, along with performing technical security assessments and monitoring for vulnerabilities.
Responsibilities:
- Assess risk and provide security guidance to engineers across the company on systems and software implementations
- Design and implement tools and processes to secure and monitor software build pipelines, including signing
- Harden open source code usage, development, and distribution
- Investigate systems and applications to understand and improve security posture
- Advocate for best-security practices to the entire engineering organization
- Manage end-to-end delivery of large-scale, cross-cutting security initiatives to harden CrowdStrike software supply chain systems and processes
Requirements:
- Experience working in an engineering role designing, implementing, and supporting security systems
- Experience working with and securing configurations of Linux and/or other Unix-like variants
- Proficiency in one or more common scripting languages, such as shell, Python, Golang, javascript, etc
- Domain knowledge of networking, software development lifecycle management, secure coding practices and reviews, and system hardening
- Understanding of software build pipeline applications, systems, and processes Working experience with CICD pipelines and associated tools like Jenkins, Argo CD, etc
- Experience leading large, cross-team projects and initiatives
- Familiarity with TLS best practices, ciphers, software signing operations, and public/private key infrastructure implementations and security
- Experience with common monitoring or log aggregation tools such as LogScale, Splunk, DataDog, Prometheus, etc
- Experience with source control management tools like GitHub, BitBucket, etc. Both as a user and an administrator
- Experience with common artifact storage tools like Artifactory and S3
- Experience working in and secure configurations of large-scale cloud platforms with highly concurrent systems
- Self-motivated to identify security problems and engage with teams to find solutions
- Efficient communicator with strong writing skills, experience working remotely. Experience scripting groovy pipelines and using REST APIs
- Experience working at a very large scale