Product Security Engineer (DevSecOps)

Description

JOB SUMMARY

The Product Security Engineer, DevSecOps team member is expected to have foundational knowledge of IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies. The ideal candidate will have knowledge of industry security frameworks such as OWASP SAMM and will be a strong communicator. They will be responsible for supporting the identification of product and application security threats as well as areas of weakness in products and applications for improvement.

This position will be primarily based out of Westerville, OH - HQ office, and will consistently work under the guidance and processes of global security team while assisting regional as well as global engineering groups. The Product Security Engineer, DevSecOps team member will be expected to use their knowledge and experience to contribute to improving internal secure processes and procedures.

Responsibilities:

In addition to anticipating possible security threats and identifying areas of weakness, the Product Security Engineer must:

Participate as a Security Engineer to work in development, operations activities daily

Support building various tools, processes for the business and for engineering teams through various software development skills and coding practices (OOPS preferred)

Code management and maintenance through DevOps and CI/CD pipelines

Thorough Gitlab usage and maintenance for daily activities tracking, source code management, DevOps and CI/CD

Support internal security team efforts, cross-functional activities

Act as a primary point of contact for regional engineering teams for secure best practices and processes

Assist engineering teams in adopting secure development best practices and processes

Assist in executing internal product security program and vulnerability management processes including triage and tracking closures of issues identified

Provide support to regional and global initiatives as assigned

Requirements:

A bachelor’s degree in information technology, Computer Science or related Engineering field is highly desirable.

Total 2 - 4 years of relevant experience in Software Development, Coding (especially OOPS, C++ etc.), DevOps and CI/CD

Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are a plus but not required

Good working knowledge of current Software Development environments, IT risks and experience implementing security solutions.

Ability to interact with a broad cross-section of personnel to articulate and enforce security measures through internal product security program and vulnerability management processes

Excellent written and verbal communication skills as well as business acumen

Strong technical documentation, diagramming, and presentation skills

Effective communication skills and goal-oriented

Ability to work effectively within a team environment and deliver on assigned objectives

Demonstrated collaboration skills within cross-functional environments

Meaningful technical contributions into the development lifecycle of a product, application, and service with guidance from senior team members

Preferred knowledge experience includes:

Software Development experience in IT Applications, embedded systems / software and/or web-based applications that includes lab activities with and debugging on target hardware

Experience with:

using git and related source code management tools

Linux kernel and networking stack including security features

On-premises and cloud-based multi-tiered applications

Operating system configuration of Windows, Linux, Android, and iOS

Computer boot process including boot loaders

Familiarity with compilers, debuggers, disassemblers, and other low-level development and analysis tools

Circumventing security protection methods and techniques

Reverse engineering complex systems and protocols

The successful candidate will embrace Vertiv’s Core Principals & Behaviors to help execute our Strategic Priorities.

OUR CORE PRINCIPALS: Safety. Integrity. Respect. Teamwork. Diversity & Inclusion.

OUR STRATEGIC PRIORITIES

• Customer Focus

• Operational Excellence

• High-Performance Culture

• Innovation

• Financial Strength

OUR BEHAVIORS

• Own It

• Act With Urgency

• Foster a Customer-First Mindset

• Think Big and Execute

• Lead by Example

• Drive Continuous Improvement

• Learn and Seek Out Development

About Vertiv

Vertiv is a $10.2 billion global critical infrastructure and data center technology company. We ensure customers’ vital applications run continuously by bringing together hardware, software, analytics and ongoing services. Our portfolio includes power, cooling and IT infrastructure solutions and services that extends from the cloud to the edge of the network. Headquartered in Columbus, Ohio, USA, Vertiv employs around 20,000 people and does business in more than 130 countries. Visit Vertiv.com to learn more.

Work Authorization

No calls or agencies please. Vertiv will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need sponsorship for work authorization now or in the future, are not eligible for hire.

Equal Opportunity Employer

Vertiv is an Equal Opportunity/Affirmative Action employer. We promote equal opportunities for all with respect to hiring, terms of employment, mobility, training, compensation, and occupational health, without discrimination as to age, race, color, religion, creed, sex, pregnancy status (including childbirth, breastfeeding, or related medical conditions), marital status, sexual orientation, gender identity / expression (including transgender status or sexual stereotypes), genetic information, citizenship status, national origin, protected veteran status, political affiliation, or disability. If you have a disability and are having difficulty accessing or using this website to apply for a position, you can request help by sending an email to .

#LI-RB1