The Red Hat Product Security team is looking for a Product Security Engineer to join us in Canada. In this role, you will contribute to security efforts for the Red Hat JBoss Enterprise Application Platform (JBoss EAP), including Red Hat Fuse. You will also reduce the risk to Red Hat’s customers by constantly monitoring for vulnerabilities and threats that affect their components, triaging their impact to customers, and quickly addressing any issues found. You’ll need to be able to uphold Red Hat’s incomparable record for addressing security flaws in our solutions, while ensuring our security measures are consistent and dependable in all of our offerings.
Primary job responsibilities
- Serve as a contact for security issues affecting Red Hat Middleware offerings
- Triage security issues affecting Red Hat Middleware offerings and work with the Engineering and Quality Engineering (QE) teams to produce and ship patches for these issues
- Work with emerging upstream projects to create security response processes
- Coordinate the release of security patches
- Implement automated mechanisms to reduce the risk of security issues entering upstream code
- Communicate with software developers, managers, and quality engineers about security best practices
- Excellent working knowledge of Java-based integration and communication technologies like Apache Camel and Kafka, Red Hat Fuse, or Red Hat AMQ
- Working experience with Serverless or Knative
- Ability to perform security triage and analysis of security flaws, including Common Vulnerability Scoring System (CVSS) metrics scoring, Common Weakness Enumeration (CWE) categorization, and Common Vulnerabilities and Exposures (CVE) assignment processes
- Working knowledge of Open Web Application Security Project (OWASP) Top 10 Web Application Security Risks
About Red Hat
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, uniformed services, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.