Staff Security Software Engineer - Tanzu Observability - Opportunity for Working Remotely
Primary Location: Columbus,Ohio
The Elevator Pitch: Why will you enjoy this new opportunity?
You have an analytical mind and a genuine passion for the craft of creating secure software platforms at scale. You love learning new technologies, building hugely scalable systems, and create systems that are secure against layers of vulnerabilities. You love using your technical skills and understanding to provide your customers peace-of-mind.
Tanzu Observability by Wavefront offers many opportunities for applying your creativity and skills to a cutting-edge cloud observability platform. We are a growing team developing a SaaS product that is used 24/7 by development and site-reliability teams at leading enterprises such as Lyft, Workday, Reddit, Snowflake, Intuit, Box, and many more!
What is the primary need, technical challenge, and/or problem you will be responsible for?
As a staff engineer you will own the delivery of robust and secure backend features as well as help drive the security and compliance of the Tanzu Observability platform from the developer side, especially as we pursue standards such as ISO 20071, SOC-2, and FedRAMP.
You will contribute as a staff backend engineer of Tanzu Metrics Observability, working on problems in high-scale data-ingestion, querying, and visualizations of metric, histogram, and event data streams with a security and scalability lens.
You will also help make the creation and management of observability practices such as alerting, notifications, dashboarding, and root cause analysis using AI-driven insights secure, intuitive and easy-to-use.
To enable the compliance aspect, you will also be working closely with security architects and the release and SRE teams as you design and implement security controls and best practices in the code and in the development and deployment processes. You will help drive vulnerability assessment and remediation by working alongside corporate security teams and Tanzu Observability engineering management, to prepare and maintain the platform for compliance audits and assessments and lead other software engineers for security-oriented projects.
What differentiates us in the current observability landscape is our scalable and extremely powerful data platform and UI, and you will play a key role in taking our platform to the next level.
Success in the role: What are the performance goals over the first 6-12 months you will work toward completing?
Deliver features on the Java backend for different pillars of observability (metrics, histograms, events, etc.), in data querying, ingestion, and/or alerting.
Help shepherd Tanzu Observability through the security compliance process by joining meetings with compliance teams and project managers. Then you will address compliance requirements by remediating vulnerabilities, updating obsolete libraries, developing new security features within the SaaS product, designing changes to the CI/CD processes to ensure code integrity, and potentially building and designing operations in new, more secure and restrictive cloud environments.
Become a leading technical voice on the team, conducting code reviews, mentoring junior engineers, and influencing technical and/or product decisions.
What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
As a key member of Tanzu Observability team,
You will be part of the engineering leadership for a stellar team that has delivered a world-class platform for ingesting and querying different pillars of observability (metrics, histograms, events, etc.)
You will write Java code for backend features in a correct, performant, secure, and maintainable manner.
You will be part of design and code meetings, reviewing through a security-focused lens to maintain code quality.
You will help plan and conduct code, build, and deployment changes necessary to strengthen the security of the Tanzu Observability platform.
You will review vulnerability and bug reports, prioritize necessary remediations, and help execute said remediations.
You should have great communication and presentation skills.
During non-pandemic times, we spent most of our time in VMware office and we hope to return to the office someday. Right now, we’re all completely remote and remote teamwork is increasingly important to us. You should be able to collaborate remotely via Slack/Zoom etc.
The technical experience in your background which may help your success in this new role include:
Java RESTful backends, including Dropwizard and Spring, Guava, Guice, different garbage collectors, Jersey, Jetty, Netty, and the Java networking stack.
Distributed systems and microservice libraries, such as gRPC, Avro, Thrift, Envoy, Istio, etc.
Massive-Scale NoSQL data stores such as Cassandra, HBase, FoundationDB, etc.
Knowledgeable about secure coding practices such as OWASP TOP 10, CVEs and security tools such as Lacework, Acunetix, Penetration Testing, Intrusion Detection, Static Analysis (Black Duck, Coverity), etc.
Experience with certification against with one or more security and compliance standards: FedRAMP, PCI, ISO 20071, SOC-2, HIPAA, is a plus.
Previous experience with observability or monitoring such as Grafana, Prometheus, TICK stack, StatsD, DataDog, SignalFX, is a plus.
We know from experience that not ticking every box on the skills sections stops many from applying. Please apply regardless of your self-assessment -- we want to hear from you! We have seen engineers succeed with a diverse range of skills and experiences.
What is the leadership like for this role? What is the structure and culture of the team like?
This role is for the Metrics Observability subgroup (out of 4) within Tanzu Observability. The leadership chain for Metrics Observability include a senior manager who has been with the Wavefront product since 2015, a senior engineering director who has been with Wavefront since 2018 and with VMware for over a decade, and a principal engineer who co-founded of Wavefront back in 2013.
Metrics Observability currently has around 15 engineers and is still rapidly growing. We used to mostly work out of the Palo Alto office but have now fully adapted to remote work, with team leads and members in the SF Bay, Austin and Denver.
Culturally, the team is focused on innovation, customer value, execution, growth, and kindness. We retain the original startup DNA in our responsiveness and respect towards everyone’s contributions and focus on exciting big ideas, innovation, and features and fixes that deliver customer value. However, we have the stable backing VMware, which is itself a values-driven company and a great place to work!
What are the benefits and perks of working at VMware?
You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com.
Employee Stock Purchase Plan
Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
Generous Time Off Programs
$1000 / year budget employee wellness
40 hours of paid time to volunteer in your community
Rethink’s Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
Healthy and local inspired snacks in all our pantries
Category : Engineering and Technology
Subcategory: Software Engineering
Experience: Business Leadership
Full Time/ Part Time: Full Time
Posted Date: 2021-04-27
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law. Job ID: R2016522