isecjobs.com

Product Security Engineer

Gdansk, Poland

Full Time Mid-level / Intermediate EUR 72K - 134K * est.
Company logo

Adtran

Adtran is a leading global provider of open, disaggregated networking and communications solutions that enable voice, data, video and internet communications across any network infrastructure.

View all jobs at Adtran

Apply now Apply later

Welcome!

Our Growth is Creating Great Opportunities!

Our team is expanding, and we want to hire the most talented people we can.   Continued success depends on it!  Once you've had a chance to explore our current open positions, apply to the ones you feel suit you best and keep track of both your progress in the selection process, and new postings that might interest you!

Thanks for your interest in working on our team!

ADTRAN is seeking a Product Security Engineer for Mosaic Network Controller network management system.

Our system manages WDM Optical, Ethernet, and Synchronization and Timing networks, ensuring our customers' success in operating their solutions. Our solutions are used globally by Tier 1 Network Service Providers, Regional Service Providers, Data Center Operators, and various Enterprises that prioritize system security, network speed, performance, and reliability.

Tech stack:

  • Java 17 as core language (using Spring, Spring Boot, Jetty, JUnit).

  • Kafka and JMS for messaging.

  • Node.js (JS and TypeScript) as middleware.

  • React for Web front-end services.

  • JavaFX for installable client application.

  • Docker Swarm for deployment orchestration.

  • Gradle for build process and dependencies management.

  •  Team City for CI.

As a Product Security Engineer, you will join our Software Architecture and Delivery Engineering team, which designs and supports the deployment of solutions across various teams and technologies. You will collaborate closely with Software Engineers worldwide, as well as System Design Authorities (responsible for product specifications), Product Owners, Product Line Managers, and Product Security Incident Response Team.

We are excited to welcome you to our team and look forward to developing our Mosaic Network Controller with you on board.

Duties and Responsibilities

  • Manage response to reported product security incidents (detected internally or by customers).

  • Prepare analysis and risk assessment for product security issues.

  • Support customers security audits.

  • Assure Security Tests are embedded into product development process.

  • Support definition and prioritization of the work cascaded to development teams in context of Secure System Design.

  • Sharing knowledge and experience with development teams regarding Product Security.

  • Prepare Security reports based on executed tests and vulnerabilities status. 

Basic Qualifications 

  • Bachelor’s degree in computer science, Computer Engineering, Software Engineering, Computer Information Science, Electrical Engineering, or equivalent education required.

  • At least 4 years of experience with IT R&D products development.

  • Proven professional experience with the development of software products security.

  • Good understanding of DAST, SAST, Pen Tests.

  • Experience in working with SCA tools and Security Scanners (i.e. Black Duck, Trivy, Grype, Nessus, Defensix, nmap, CIS Benchmark Scan)

  • Good understanding of CVEs and ability to assess of impact on developed product.

  • Good understanding of OS and containers hardening (practical experience in this aspect will be advantage).

  • Experience in processes definition and introduction into organization.

  • Ability to manage your own tasks and priorities efficiently.

  • Strong coordination skills in handling tasks delegated to external teams.

  • Excellent teamwork abilities and effectiveness in cross-site communication.

  • At least B2 English and B2 Polish proficiency level.

Preferred Qualifications  

  • Good understanding of Continuous Integration and Continuous Deployment (CI/CD) aspects.

  • Ability to utilize SBOMs and OpenAPI for security testing.

  • Ability to automate the tasks (preferred hands-on experience with Python and bash scripting).

  • Experience in developing containerized applications (Docker or equivalent).

  • Experience in developing web-based applications.

  • Understanding of containerized applications composition, deployment, and orchestration.

  • Basic knowledge of telecommunication networks or device management applications would be advantage.

Compensation and Benefits

  • Stable employment conditions based on an employment contract (turnover rate below 4%)

  • 1 additional vacation day for all, and 1 extra after 10 years being with us.

  • Flexible working hours and hybrid work (presence in the office in Gdynia 3 days a week)

  • English lessons during working hours

  • Internal training program to support your training needs.

  • Paid employee referral program.

  • Multisport Card

  • 3% employer contribution to PPK

  • Private Health Care at Medicover (extended package for employees and possibility to enroll family members)

  • Strong collaborative and friendly work culture

  • Access to various sports activities and events

  • Modern office (well-equipped gym and playroom) close to the SKM/PKM stations

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  3  2  0
Category: Security Engineering Jobs

Tags: Audits Bash Black Duck CI/CD Computer Science DAST Docker Ethernet Incident response Java Kafka Nessus Nmap Node.js Product security PSIRT Python R&D Risk assessment SAST Scripting TypeScript Vulnerabilities

Perks/benefits: Career development Fitness / gym Flex hours Flex vacation Health care Team events

Region: Europe
Country: Poland

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsInformation Security Manager jobsSystems Engineer jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Specialist jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Information Security Engineer jobsSenior Cyber Security Engineer jobsSenior Product Security Engineer jobsCyber Threat Intelligence Analyst jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSenior Software Engineer jobs
Java jobsEncryption jobsEDR jobsBash jobsTS/SCI jobsIDS jobsIPS jobsThreat detection jobsSQL jobsTerraform jobsSDLC jobsSplunk jobsMalware jobsTop Secret jobsFinance jobsDocker jobsForensics jobsSOC 2 jobsRMF jobsActive Directory jobsCompTIA jobsIntrusion detection jobsITIL jobsOWASP jobsGIAC jobs
DoDD 8570 jobsVPN jobsAnsible jobsHIPAA jobsOSCP jobsIT infrastructure jobsData Analytics jobsTCP/IP jobsUNIX jobsCCSP jobsCRISC jobsSAP jobsBanking jobsSANS jobsSOAR jobsSOX jobsJavaScript jobsMITRE ATT&CK jobsSecurity strategy jobsClearance Required jobsMachine Learning jobsZero Trust jobsDNS jobsJira jobsPolygraph jobs