Principal Java Security Vulnerability Engineer
We are looking for a Principal Vulnerability Engineer who will be part of the security vulnerability team for the Java platform. This team conducts both red team (offensive) and blue team (defensive) duties. Responsibilities will include proactive research, security tooling, assessments, and assisting development teams with security code review.
Minimum Requirements:
Qualified candidates must have at least 10+ years of hands-on experience in platform security, with deep knowledge of the Java security model. Experience with security protocols and best practices is required. The ideal candidate is expected to work independently on assigned tasks, with proven past experience in successful security incident resolution and proactive research utilizing industry-standard tools. Past research and CVEs on Java security issues are a plus. Proficiency in Java and expert-level C/C++ skills, as well as systems-level programming, are required. Great personal leadership, self-starter qualities, ability to work with remote teams, and strong communication skills are essential.
Responsibilities:
1. Proactive research on new vulnerability signatures for the Java platform.
2. Create and maintain security tooling for the Java platform.
3. Conduct security assessments for new features that will be integrated into the JDK.
4. Assist development teams with security code review.
Ability to code in Java and perform implementation code review for both Java and native source code is required.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
IT Services and IT Consulting
#J-18808-Ljbffr