Join us as a Product Security Architect, where you'll play a key role in vulnerability assessment and penetration testing to enhance product security. If you're passionate about cybersecurity, risk mitigation, and proactive defense, this role is for you!
Requirements
- Develop Tailored Assessment Profiles by collaborating with clients to define scope, methodologies, risk assessment criteria, and reporting structures.
- Configure & Customize Vulnerability Scans, creating tailored policies for network, application, compliance, and sensitive data exposure scans.
- Conduct Authenticated & Unauthenticated Scans across telecom networks and cloud environments (VNF, CNF), troubleshooting and debugging issues.
- Perform Compliance & Benchmark Scans using CIS frameworks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure industry best practices.
- Risk Triage & Severity Analysis, verifying false positives, assessing impact, and prioritizing vulnerabilities using the CVSS matrix.
- Evaluate & Prioritize Vulnerabilities based on CVSS scoring, exploitability, and telecom-specific risks (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G).
- Assess Cloud Security Risks, conducting vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes).
- Recommend & Implement Remediation Strategies, including patching, configuration hardening, workarounds, and compensating controls.
- Leverage Threat Intelligence to analyze known exploits, assess real-world risks, and track active threats (e.g., POC exploits, exploits in the wild).
- Work with Security Frameworks & Tools, including NIST, ISO 27001, CIS, ServiceNow, Jira, and ensure security hardening for Linux, Windows, and cloud environments.
Benefits
- Continuous learning opportunities
- Well-being programs to support you mentally and physically
- Opportunities to join and get supported by employee resource groups
- Mentoring programs
- Diverse teams with an inclusive culture where people thrive and are empowered