Product Security Engineer, Principal

We are Progress (Nasdaq: PRGS) - the experienced, trusted provider of products designed with customers in mind so they can develop the applications they need, deploy where and how they want, and manage it all safely and securely.   We’re proud to have a diverse, global team where we value the individual and enrich our culture by considering varied perspectives because we believe people power progress. Join us as a Product Security Engineer, Principal and help us do what we do best: propelling business forward.   In this role you will:  

• Security Policy Implementation: Implement and enforce security policy requirements, conduct risk assessments, and conduct vulnerability testing. 
• Security Engineering & Assurance: The Security Engineering & Assurance role involves conducting design and architecture reviews, threat modeling, secure code reviews, and cryptographic reviews to ensure robust security measures. Additionally, the position supports the open source ecosystem, engages in platform security engineering, and augments internal security engineering efforts. The role also includes research and development activities, particularly in compilers and binary translation research, to advance security technologies and practices.  
• Technical Expertise: Provide technical direction to engineering teams on various security areas, including network security, platform security, authentication/authorization systems, application security, and security frameworks. 
• Engineering Initiatives: Take leadership of security engineering initiatives for production and corporate infrastructure. 
• Subject Matter Expertise: Serve as an information security engineering subject matter expert, analyze attacks on customer applications from internal and external sources, proposing mitigations and fixes. 
• Incident Management: Manage security vulnerability resolution according to company policies. This requires immediate response and working with affected teams to investigate and mitigate/remediate the vulnerabilities. Clear communication skills are critical. 
• Real-Time Response: Ensure timely and effective responses to security incidents. This involves coordinating with incident response teams, analyzing threat data, and implementing mitigation measures. 
• Continuous Improvement: Stay informed about emerging threats and lead changes to security processes accordingly. Regularly assess and propose changes, that lead to improving the effectiveness of security operations.  
• Collaboration: Work closely with other internal and customer security professionals, including network engineers, system administrators, and threat analysts.  

Your background:  

• Bachelor’s or equivalent industry experience in Software Engineering, Information Security, or related fields.  
• Business Application security patterns
• Choosing and applying Cryptography for confidentiality, integrity, and availability
• Software Security engineering best practices
• Authentication, authorization, and network security protocols
• Linux OS system security features and best practices
• Windows OS system security features and best practices 
• Knowledge of secure software development practices across distributed, container, and private/public cloud computing environments  
• Familiarity with network security devices, and security software product solutions.  
• Knowledge of Machine Learning practices on creating the standards against which ML (and AI) projects using Large Language Models & RAG can be reviewed, and creating tools and techniques that help researchers assure the safety and security of the systems.  
• 7+ years of experience with security operations systems (e.g., IDS, SIEM, anti-virus log collection systems).  
• Certifications: Industry certifications like CISSP, CISA, CEH, or GSEC are desirable.

 If this sounds like you and fits your experience and career goals, we’d be happy to chat. What we offer in return is the opportunity to experience a great company culture with wonderful colleagues to learn from and collaborate with and also to enjoy:   Compensation  

• Competitive remuneration package  
• Employee Stock Purchase Plan Enrollment 

Vacation, Family, and Health

• 30 days of earned leave
• An extra day off for your birthday
• Various other leaves like marriage leave, casual leave, maternity, and paternity leave
• Premium Group Medical Insurance for employees and five dependents, personal accident insurance coverage, life insurance coverage
• Professional development reimbursement  
• Interest subsidy on loans - either vehicle or personal loans

 Apply now! #LI-SR1 #LI-Hybrid