Product Security Incident Response Engineer

Job Requisition ID #

25WD88382

Position Overview

Our team of security experts helps Autodesk design, build, deploy, and maintain secure products. We are embedding security in the full spectrum of how we build our products from inception, design, development, testing to how we are running them in the cloud as well as how we are responding to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of the bad guys and use expertise, technology and other resources to thwart their efforts to compromise our products and the environment in which they operate. Our team maintains a single-minded focus on protecting our customer’s data and their investment in our products by strengthening our applications, underlying services and network. 

As part of this team, you will analyze and triage identified vulnerabilities and engage with developers across all of Autodesk’s cloud and desktop products. In this role, you will partner directly with product teams to pave the way to measure, prioritise, and reduce risk across Autodesk’s suite of product offerings. Come practice and grow your security expertise at scale and help keep Autodesk one step ahead of our adversaries!

Responsibilities

• Validate and assess severity of public and privately disclosed security vulnerabilities, and initiation of root cause analysis process

• Drive security issues to resolution through continuous engagement with product teams

• Develop reporting metrics for leadership that highlight risks and trends

• Investigate systemic vulnerability trends to improve product risk posture and reduce preventable vulnerabilities

• Use strong case management skills to ensure each case progresses towards a resolution

• Guide product stakeholders and teams to incorporate security into the software development lifecycle

• Assist in the creation of security training and workshops for application teams

Minimum Qualifications

• 2 to 4 years of experience in product/application security

• Strong knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques

• Solid understanding of MITRE CVE framework and CVSS scoring methodology

• Strong communication skills and comfort interacting with technical audiences

• Demonstrates high levels of ownership, independence, and accountability

• Familiarity with cloud computing technologies, especially AWS (Amazon Web Services) or Azure.

Preferred Qualifications

• Bachelor’s in Computer Science, Information Security, or a related discipline and 1-2 years of practical experience

• Experience triaging issues from a vulnerability disclosure or bug bounty platform such as HackerOne or Bugcrowd

• Familiarity with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis tools and methodologies

• Experience working in an Agile development environment

• Solid understanding of desktop application architecture, security principles, and operating systems

#LI-AK1

Learn More

About Autodesk
Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.

We take great pride in our culture here at Autodesk – our Culture Code is at the core of everything we do. Our values and ways of working help our people thrive and realize their potential, which leads to even better outcomes for our customers.

When you’re an Autodesker, you can be your whole, authentic self and do meaningful work that helps build a better future for all. Ready to shape the world and your future? Join us!

Salary transparency

Salary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, we also have a significant emphasis on discretionary annual cash bonuses, commissions for sales roles, stock or long-term incentive cash grants, and a comprehensive benefits package.

Diversity & Belonging
We take pride in cultivating a culture of belonging and an equitable workplace where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging

Are you an existing contractor or consultant with Autodesk?

Please search for open jobs and apply internally (not on this external site).