HashicorpSecurity Engineer II, Product & Cloud Security
Senior Security Engineer to solve problems across product and cloud portfolio, ensuring security in HashiCorp products.
Security Engineer II - Product & Cloud Security
JR104249
US -Remote
We are looking for a Senior Security Engineer to help solve problems across our product and cloud portfolio.
Security at HashiCorp is largely a remote team.
About this team
The Security team is composed of security engineers working to ensure HashiCorp delivers secure software to its customers.
In this role, your responsibilities will include:
- Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio.
- Work across various R&D teams to prioritize security features and bugs, and ensure implementation and mitigations.
- Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk.
- Act as SME in multiple information security areas (e.g. security architecture, application security, threat modeling, data protection, etc.)
- Develop internal tooling to address security problem areas.
- Contribute to the development of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc.
We are looking for talented self-starters with 5+ years of security experience.
What you’ll need (basic qualifications)
Experience in some of these topic areas:
- Experience with a modern programming language like GO or Python
- Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
- Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS).
- Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP).
- Security design / architecture and threat modeling.
- Application and infrastructure security testing methodologies and tools.
- Vulnerabilities (old and new), and options for defense / mitigation.
- Product vulnerability management lifecycle.
- Working with and/or supporting product engineering teams
- Cryptography and cryptographic primitives desired
We’re looking for a candidate with strong written and verbal communication skills, knowledge of application security topics, a pragmatic approach to security, and the ability to empathize with engineers and product managers across the company.
The base pay range for this role in the SF Bay Area / NYC area is: $174,300—$205,000 USD
The base pay range for this role in California (excluding SF Bay Area), New York (excluding NYC), Seattle Metro, Denver / Boulder Metro, Washington D.C., or Maryland is: $159,700—$187,900 USD
The base pay range for this role in Colorado (excluding Denver / Boulder Metro), Illinois, Minnesota, or Washington (excluding Seattle Metro) is: $145,200—$170,800 USD