Staff - Security Engineer 4

Please Note:

1. If you are a first time user, please create your candidate login account before you apply for a job. (Click Sign In > Create Account)

2. If you already have a Candidate Account, please Sign-In before you apply.

Job Description:

Staff Security Engineer

The Elevator Pitch: Why will you enjoy this new opportunity?

VMware by Broadcom products and services are trusted by various organizations for their mission critical systems. Many of these systems demand the highest confidentiality and are of extreme interest to nation state actors. The vSECR team within the VCF (VMware Cloud Foundation) Division at Broadcom is responsible for defending these products, services and their supply chains. 

If helping find and fix security holes in these systems is your idea of a fun career, then you should come join this team.

The VCF Division works to build products and solutions that power the hybrid cloud. Working alongside other highly motivated and capable security engineers you will get first-hand experience in modern threats and defense techniques.

Success in the Role: What are the performance outcomes over the first 6-12 months you will work toward completing?

Security Engineers on this team are responsible for finding new vulnerabilities in VMware products and services, assessing threats, analyzing externally reported vulnerabilities, developing PoC exploits, utilizing exploit kits, providing vulnerability mitigations, virtual patches, workarounds and fix recommendations. They achieve this by performing feature security reviews, baseline security tests, fuzzing, reviewing/writing code, security tool development/integration, and other techniques. 

In the first 6mths, you will be expected to become intimately familiar with the products/components assigned to you. You should also be able to assess threats and perform security testing to find and fix security issues in those components in collaboration with a member of your team. Within 1year, you are expected to be fairly independent in doing security assessments and driving mitigations/remediations with product development teams.

The Work: What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?

• Methodically create/execute feature and system test plans and automate your efforts  

• Perform an offensive analysis of VMware products and cloud services, with an assumed breach mindset, that include software defined compute/network/storage, cloud security, and cloud-native solutions.  

• Use your code reading and writing skills to discover security defects  

• Enable models for SOC to detect similar family of techniques  

• Make entire kill-chain understandable for an engineering audience (Principal Engineers, SREs and executives) as well as Security and Incident Response peers  

• Bachelor's degree in Computer Science or related field and 8+ years of related experience or Masters degree in Computer Science or related field and 6+ years of related experience.

Additional Job Description:

Compensation and Benefits 

The annual base salary range for this position is $119,000 - $190,000.

This position is also eligible for a discretionary annual bonus in accordance with relevant plan documents, and equity in accordance with equity plan documents and equity award agreements. 

Broadcom offers a competitive and comprehensive benefits package: Medical, dental and vision plans, 401(K) participation including company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company paid holidays, paid sick leave and vacation time. The company follows all applicable laws for Paid Family Leave and other leaves of absence. 

Broadcom is proud to be an equal opportunity employer.  We will consider qualified applicants without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability status, medical condition, pregnancy, protected veteran status or any other characteristic protected by federal, state, or local law.  We will also consider qualified applicants with arrest and conviction records consistent with local law.

If you are located outside USA, please be sure to fill out a home address as this will be used for future correspondence.