Symantec Security Engineer (CPE) - Symantec in Mountain View, California

Security Engineer

(Cloud Platform Engineering)-Mt View, CA

About Us

Symantec is building a Hybrid Cloud platform to host all of our cloud-based products. We are currently using Amazon Web Services (AWS) to provision Virtual Machines, and OpenShift and Kubernetes for container management. You will be working with fun, talented people who joined the team from other well-known companies such as Google, PayPal, Yahoo, etc.

About You

You are passionate about technology and security, have formed your own opinions about which technologies are better suited to different problems and why they are better, but remain flexible and open to alternative technologies and approaches. You recognize that effective security requires a nuanced approach to balancing security, business needs and human factors. You thrive on fresh ideas and are comfortable in a dynamic, changing environment.

Responsibilities

The role of Cloud Platform Engineering (CPE) Security Engineer is to maintain the security of our multi-tenant, data-intensive, Hybrid Cloud, covering everything from network configurations to the run-time complexities of securing containerized workloads dependent on dynamically discovered micro-services.

Your Day-to-Day Functions:

  • You’ll effectively advocate for security engineering within the CPE team by teaching sound security engineering practices, which may include producing code samples and test methods; reviewing test plans and code analysis metrics of our teams; designing and implementing connections between vulnerability scan results and corrective actions.

  • You’ll develop/deploy and operate best-of-class tools to detect security threats and incidents; respond to detected threats by driving the quick mitigation of such issues by the larger engineering team; work with security experts within Symantec to characterize and propagate knowledge of these threats to our product teams and customer base.

  • You’ll work with operations and development staff to strike a sound business balance in our security policies between agility, productivity and convenience on one hand, and the confidentiality, integrity and availability of customer data on the other.

  • Periodically you will evaluate the effectiveness of our security controls through penetration testing and other forms of threat modeling, log analysis, incident Pareto charts and other methods.

What Success Looks Like:

  • After 3 months, you will have acquired a deep understanding of how our Hybrid Cloud platform and services operate to provide applications with a secure, available and easy-to-use run-time environment. You will have created and updated architectural diagrams and deployment models to reflect the “as-built” reality instead of the “as-designed” intention. You will be comfortable navigating the flow of confidential data across multiple platforms, through multiple services and past our security control and monitoring points.

  • After 12 months, you’ll be collaborating with Symantec’s enterprise security experts to share with them your learnings about the novel threats you’ve seen and the steps you’ve taken to secure the Hybrid Cloud, as well as providing feedback to our enterprise security product teams. You’ll be conversant with the controls required to for our cloud to meet common certification requirements.

Qualifications:

Required:

  • Passionate about data security with a strong desire to learn more from the industry’s leading experts about Hybrid Cloud security issues, cryptography, threat modeling, penetration testing, and secure software development.

  • Recent experience securing production workloads in public clouds (AWS, Google, Azure, other)

  • Recent experience implementing federated IAM (e.g., RBAC, SSO, SAML, Shibboleth, Kerberos) with deep understanding of authz/authn problems and solutions.

  • Professional experience developing applications using mainstream OO technologies (Go, C++ or Java)

  • Excellent interpersonal skills and ability to work in cross-functional, global environment

  • BSEE or equivalent, or equivalent practical experience

Preferred:

  • Current security certification (e.g., CISSP, CEH, CISA, CISM, SECURITY+, OSCP, CCSK/CCSP)

  • Detailed knowledge of networking, storage and computing protocols and technologies.

  • Recent experience evaluating tools (AFW, IDS/IPS, DLP, pen testing, static code analysis)

  • Recent experience writing operational scripts in one of Ruby, Python or Perl

  • Familiarity with modern configuration mgmt tools (e.g., Puppet, Ansible, Chef or Salt)

  • Familiarity with cloud orchestration tools (e.g., CloudFormation, Scalr, CloudFoundry)

  • Familiarity with security technologies available in AWS, GCE, Azure and OpenStack

  • Familiarity with logging and monitoring concepts and technologies (ELK or Splunk)

  • Familiarity with the principles of encryption, server certificates, and key management

  • Familiarity with tools for investigating network performance and connectivity

====================​====================​

Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.

Relentlessly protect the world’s information. Make a difference at Symantec. Across the globe, we are an ‘essential’ partner to both consumers and businesses of all sizes. We combine our talents, our brains, and our creative energy to reinforce our place as a world-class technical community.

Our most critical asset at Symantec is the talent we hire - you! We look for people who have a desire to excel and reflect our values: Innovation, Action, Customer-Driven, and Trust. We recognize that every opening in our company is a chance to increase Symantec's competitive advantage, and we are willing to invest in you in order to win.

Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.

Symantec will respond to requests for reasonable accommodations to assist you in applying for positions at Symantec, or to submit a resume. If you need to request an accommodation, please contact HR Service Exchange at https://symantec.service-now.com/hrp/ .

EEO is the Law. Applicants and employees of Symantec Corporation are protected under Federal law from discrimination. Click here at http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf to find out more.