
Cybersecurity Lead – Product Security, Network Hardware, OS
Posted 6 days ago

This is a fully remote position, open to applicants in Texas.
• Lead the incorporation of security gates into the product development lifecycle for network hardware and operating system software.
• Enforce the established SDLC policy and ensure that threat modeling (utilizing frameworks such as STRIDE or PASTA) is performed during the design phase of each new product release.
• Direct the security hardening processes for the network operating system.
• Define and impose baseline configurations to guarantee the OS is resistant to tampering, implementing controls like secure boot, kernel hardening, and restricted shell access.
• Orchestrate the initiative for 'Standardizing Dynamic Testing and Vulnerability Management' for product software.
• Supervise the integration of Static Application Security Testing (SAST) using tools such as Snyk within the CI/CD pipeline and establish a Dynamic Application Security Testing (DAST) framework to detect runtime vulnerabilities.
• Design product features that facilitate Zero Trust environments.
• Manage the lifecycle of product vulnerabilities. Set Service Level Agreements (SLAs) for addressing findings identified during penetration testing and DAST scans, ensuring that no critical vulnerabilities are released into production.
• Ensure that all product cryptographic implementations comply with the 'IT Encryption & Cryptography Policy', which mandates AES-256 standards.
• 8–10 years of experience in product security, particularly focusing on network hardware (switches, routers, gateways) or embedded systems.
• Strong proficiency in C/C++, Go, or Python, with experience in developing or securing Network Operating Systems (e.g., SONiC, Linux-based embedded OS).
• Extensive knowledge of network protocols (L2/L3, TCP/IP, VLANs, VXLAN) and network security technologies (Firewalls, ACLs, 802.1X).
• Proven track record in implementing SAST/DAST pipelines (e.g., Snyk, Coverity, Burp Suite) and managing vulnerability disclosure programs.
• Bachelor's degree in IT, Networking, or a related field (equivalent experience is acceptable).
• Check Point: CCSE (highly preferred). General: CompTIA Security+ or Cisco CCNP Security.
• Extended periods of sitting.
• Sustained visual concentration on a computer monitor or on numbers and other detailed data.
• Frequent repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.).
Arcetyp LLC