Staff Software Engineer (Infosec)
Palo Alto Networks•Office - USA - CA - Headquarters, CA
•$151,500 - $245,025•Onsite
About The Position
As the Staff Software Engineer on the Infosec Product Security team, you will be responsible for building security into all Palo Alto Networks products end-to-end. You’ll have the opportunity to work as a key member in a deep and savvy security team and lead the company's product security initiatives end-to-end. Furthermore, you will be technically hands-on, lead security engineering and innovations, where you will be expected to directly communicate with cross-functional teams in Product Management, Development, and DevOps/SRE to drive security throughout the entire product.
Requirements
- 1+ years of hands-on experience in cybersecurity in general, with 2+ years experiences in application security, pen test, security benchmarks, and automation
- Security tooling and best practices, such as pre-commit/pre-receive hooks, dependency scanning, SAST, IAST, OSS, DAST, RASP, and vulnerability management, etc.
- Experienced on Security tools benchmarking and fine tuning.
- Basic understanding of AI/ML security concepts, including adversarial attacks, model poisoning, and data privacy.
- Perform code reviews, static code analysis, and security testing to identify and remediate vulnerabilities in our software products.
- Familiarity with industry security standards and best practices (e.g., OWASP, NIST, ISO).
- Integration, design, and architecture of AWS and/or GCP services into IAM platforms
- Microservice architecture expertise and best practices in securing APIs across multi-cloud environments
- Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business
- Bachelor's degree from four-year college or university or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc. or equivalent military experience required
Nice To Haves
- Familiarity with tools or frameworks for AI security testing and vulnerability scanning is a plus.
Responsibilities
- Build next gen Appsec technologies with automation into complex engineering CI/CD pipelines
- Protect application security throughout the life-cycle in the cloud (GCP & AWS) and on the premise
- Build risk driven intelligent automation to optimize SAST, SCA, OSS, DAST, Infra as Code (IaC), RASP integrations with advanced tooling integration
- Evangelize and lead the adoption of SDLC and security best practices across the entire application lifecycle - You’re someone that possesses strong knowledge of security from infrastructure through application and wants to help people apply it.
- Contribute to the security assessment and mitigation strategies for AI/ML models and applications.
- Stay informed about emerging threats and vulnerabilities related to AI security.
- Define and implement security tooling with the goal of improving coverage and time to action.
- Participate in the design and implementation of secure software development processes, including secure coding practices, security testing, and vulnerability management.
- Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance
Benefits
- restricted stock units
- bonus
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
