Product and Application Security Engineer
Primary Location: Austin, Texas
Annapolis Junction, Maryland, United States; Apex, North Carolina, United States; Atlanta, Georgia, United States; Bedford, Massachusetts, United States; Bethesda, Maryland, United States; Charlotte, North Carolina, United States; Chesterbrook, Pennsylvania, United States; Chicago, Illinois, United States; Columbus, Ohio, United States; Conshohocken, Pennsylvania, United States; Dallas, Texas, United States; Durham, North Carolina, United States; East Rochester, New York, United States; El Paso, Texas, United States; Franklin, Massachusetts, United States; Hopkinton, Massachusetts, United States; Houston, Texas, United States; Irvine, California, United States; Lisle, Illinois, United States; McLean, Virginia, United States; Miami, Florida, United States; Nashua, New Hampshire, United States; Nashville, Tennessee, United States; New York City, New York, United States; Palo Alto, California, United States; Pittsburgh, Pennsylvania, United States; Pleasanton, California, United States; Providence, Rhode Island, United States; Remote - Alabama, United States; Remote - Arizona, United States; Remote - Florida, United States; Remote - Georgia, United States; Remote - Illinois, United States; Remote - Louisiana, United States; Remote - Massachusetts, United States; Remote - Mississippi, United States; Remote - New Hampshire, United States; Remote - New Jersey, United States; Remote - New Mexico, United States; Remote - North Carolina, United States; Remote - Ohio, United States; Remote - Pennsylvania, United States; Remote - Rhode Island, United States; Remote - South Carolina, United States; Remote - Tennessee, United States; Remote - Texas, United States; Remote - Washington, United States; Research Triangle Park, North Carolina, United States; Reston, Virginia, United States; Richardson, Texas, United States; Richmond, Virginia, United States; Round Rock, Texas, United States; San Antonio, Texas, United States; San Francisco, California, United States; Santa Clara, California, United States; Santa Monica, California, United States; Scottsdale, Arizona, United States; Seattle, Washington, United States; Tampa, Florida, United States; Vienna, Virginia, United States; Wallingford, Connecticut, United States; Warren, New Jersey, United States; Washington, DC, District of Columbia, United States
Product and Application Security Engineer
Location: Remote – United States
The security of customers’ data and systems is of paramount importance to Dell Technologies. Our Product and Application Security team designs and develops software and systems to minimize security risks within our products. As experts working at the forefront of security, we undertake vulnerability response handling, implement the secure development lifecycle, coordinate security certifications, and develop common software security components and toolkits. As well as ensuring the authenticity and integrity of the product code during product development, we mitigate risks of sourcing and delivery of counterfeit or maliciously tainted components in our products.
Join us to do the best work of your career and make a profound social impact as a Product and Application Security Engineer on our Product & Application Security team in the United States.
What you’ll achieve
As a Product & Application Security Engineer, you will join Dell’s Product Security Incident Response Team (PSIRT) to help identify and resolve vulnerabilities in Dell products. You will consult with engineering teams on security best practices, industry trends and common pitfalls; and you will communicate with security researchers, research organizations, vendors and coordination centers on issues relating to security vulnerabilities in Dell products and applications.
Are you excited by the idea of understanding the root causes of security vulnerabilities to help secure future products and applications? Do you enjoy working with the overall information security community and bringing that knowledge back to others? Do you believe that Product Security isn't just interpreting scan results but building security into your development culture? This may be the role for you.
- Perform analysis on vulnerability reports submitted by researchers, customers and Dell employees, and work with engineering teams to verify the issues and their fixes
- Work with engineering teams to evaluate the impact of vulnerabilities to Dell products and applications, including technical severity and end-user impact
- Conduct technical Root Cause Analysis on Dell vulnerabilities and help identify areas for further research, education or testing
- Apply Common Vulnerability Scoring System (CVSS) vectors to security vulnerabilities and map them to industry categories such as Common Weakness Enumeration (CWE) and OWASP Top 10
- Perform technical reviews of Security Advisories and other communications related to vulnerability disclosure and remediation
Take the first step towards your dream career
Every Dell Technologies team member brings something unique to the table. Here’s what we are looking for with this role:
- 5+ years of related experience, specifically in Product & Application Security, Security Operations and Incident Response
- In-depth knowledge of CVSSv3, CWE, OWASP Top 10 and CWE/SANS TOP 25 Most Dangerous Software Errors
- Knowledge of several security domains and modern software development practices
- Understanding of Security Development Lifecycle (SDL) practices such as threat modeling, security testing and secure code reviews
- Ability to work with distributed teams across multiple time zones and geographies
- Bachelor’s degree in Computer Science, Information Systems or a related field; or equivalent professional experience
- Experience in security incident response preferred
- Experience in software development (C/C++, Java or Python) preferred
- SANS/GIAC, CSSLP certifications preferred
Here’s our story; now tell us yours
Dell Technologies helps organizations and individuals build a brighter digital tomorrow. Our company is made up of more than 150,000 people, located in over 180 locations around the world. We’re proud to be a diverse and inclusive team and have an endless passion for our mission to drive human progress.
What’s most important to us is that you are respected, feel like you can be yourself and have the opportunity to do the best work of your life -- while still having a life. We offer excellent benefits, bonus programs, flexible work arrangements, a variety of career development opportunities, employee resource groups, and much more.
We started with computers, but we didn’t stop there. We are helping customers move into the future with multi-cloud, AI and machine learning through the most innovative technology and services portfolio for the data era. Join us and become a part of what’s next in technology, starting today.
You can also learn more about us by reading our latest Diversity and Inclusion Report and our plan to make the world a better place by 2030 here.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here.
LIPRIORITYJob ID: R106359