Product Security Engineer - Threat Labs
Product Security Engineer - Threat Labs
This role has been designated as 'Remote/Teleworker', which means you will primarily work from home.
Who We Are:
Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work.
We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world.
Our culture thrives on finding new and better ways to accelerate what's next.
We know varied backgrounds are valued and succeed here.
We have the flexibility to manage our work and personal needs.
We make bold moves, together, and are a force for good.
If you are looking to stretch and grow your career our culture will embrace you.
Open up opportunities with HPE.
Job Description:
Job Description
The Senior Security Engineer/Threat Researcher position will be part of Aruba Threat Labs, an internal product security group focused on researching and improving the security of HPE Aruba Networking's products, the company's secure development practices, and the company's vulnerability disclosure processes.
Based in the Office of the CTO, the Senior Security Engineer/Threat Researcher will have responsibility across Aruba's entire product portfolio, including LAN switching, Wi-Fi, Network Access Control, cloud, and security monitoring solutions.
Specific responsibilities will include:
* Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws.
* Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested.
* Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public.
* Assist in managing Aruba's bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities.
* Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
* Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams.
* Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences.
* Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers.
Requirements:
...
- Rate: Not Specified
- Location: Des Moines, US-IA
- Type: Permanent
- Industry: Finance
- Recruiter: Hewlett Packard Enterprise Company
- Contact: Not Specified
- Email: to view click here
- Reference: HPE1US1189439EXTERNALENUS
- Posted: 2025-06-14 10:02:01 -
- View all Jobs from Hewlett Packard Enterprise Company
More Jobs from Hewlett Packard Enterprise Company
- CNA
- RN
- COTA
- Respiratory Therapist FT
- Prn cna
- J.P. Morgan Wealth Management - Private Client Advisor - Lexington, KY
- Speech Language Pathologist
- PTA- Per Diem
- SLP- Full and Part time Available
- CNA- 7-3 Shift Full Time
- LVN- 3-11 Per Diem
- Speech Language Pathologist
- Assistant Business Office Manager - Antelope Valley Care Center
- COTA Fulltime
- Staffing Coordinator
- Medical Records Assistant
- Shipping Helper
- Maintenance Technician 2 - Swing Shift
- Police Officer - FRLEO (Phoenix)
- FRLEO - Police Officer (Seattle)