Dell Product Security Engineer – Cloud and DevOps in Hopkinton, Massachusetts

Product Security Engineer – Cloud and DevOps

Hopkinton, MA

Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.

The Product Security Engineer will join Dell’s Product Security Office. This role will be working with several complex Dell EMC products and will lead, mentor and influence them into implementing Secure Development controls in their products. Specific experience in building security for Cloud-based solutions in an Agile or DevOps environment is required.

Key Responsibilities

  • Proactively advise product teams on secure design and coding considerations

  • Create and/or update threat models for new and existing products, rate risks using CVSS and provide mitigation recommendation to engineers

  • Translate security risks to business impact

  • Lead Secure design and coding workshops to teach other engineers at Dell EMC how to securely design and implement code

  • Contribute to the future versions of Security policy and standards and associated controls

  • Be the Secure Development Lifecycle (SDL) evangelist for Dell EMC business units and work across company product groups as the subject matter expert on SDL

Essential Requirements

  • Master's Degree in Information Security or similar technical field strongly preferred

  • Understanding of prevalent security vulnerabilities such as authentication bypass, command injection and cross-site request forgery, their impact, and their efficient remediation

  • Understanding and hands-on experience of secure software development practices including threat modeling, secure design principles, secure coding, code analysis, and security testing(the candidate should be a demonstrated expert in at least one of these activities and should have functional mastery of the others)

  • Proven experience in building security in Cloud-based solutions, DevSecOps, CD/CI is required

  • Ability to articulate business impact of software security problems translating them into worst case scenarios

Desirable Requirements

  • Knowledge of Containers, Micro-Services and Container Orchestration technologies is a strong plus

  • Competency in secure coding in multiple languages, including at least one scripted and one compiled language

  • Strong understanding in software development methodologies such as waterfall and Agile

  • Industry certifications: GIAC, CISA and/or CISSP, CSSLP desired

  • Knowledge of Containers, Micro-Services and Container Orchestration technologies is a strong plus

  • Ability to work with diverse and global teams.

Benefits

We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.

If you can ensure the highest level of security for our customers, this is your opportunity to develop with Dell.

Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here .