Senior Software Engineer - Product Security, VMware

Sr. Software Engineer - Product Security

VMware Product Security Engineers are responsible for responding to reported software vulnerabilities and working with the product engineering teams to track these issues to resolution. Additional functions include working with product engineering teams to improve existing security testing frameworks; building new security testing tools; conducting threat modeling and penetration testing; and work with advanced development efforts targeted towards improving the security of VMware products. Successful candidates enjoy looking at products from a security perspective and assisting other engineers in developing solutions to challenging problems. Success and previous experience in developing exploits, threat models and/or secure software development testing practices are a plus.

Responsibilities:

• Be the first line of connection to externally reported vulnerabilities and coordinate the response to include tracking and updating resolutions

• Perform architectural risk analyses for VMware products against defined use cases

• Contribute to cross functional efforts for corresponding remediation strategies

• Perform security code audits and design review

• Assess specific exploit/vulnerability risks for VMware products to help provide mitigation and code correction where applicable

• Provide guidance to other engineers and product team members on secure software development practices

• Work collaboratively with the security research community in responding to reported vulnerabilities and associated trends

• Stay current on relevant trends and technologies to help maintain and enhance VMware’s overall security posture

• Evangelize security and secure coding practices within VMware

• Conduct and support research on security efforts as they relate to VMware products

Requirements:

• BS, MS, or PhD in Computer Science or equivalent of industry experience

• Extensive experience in application-level and operating system vulnerability testing

• Experience in code-level security auditing

• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols

• Strong C/C++/Java coding skills.

• Strong self motivation and orientation toward results and collaboration skills

• Experience testing software to include the use of pen testing tools and code analysis tools

• Detailed understanding of attack methods, methodologies, and countermeasures

• Experience developing tools and techniques for the discovery of security bugs

VMware (NYSE: VMW), the global leader in cloud infrastructure, delivers customer-proven virtualization solutions that significantly reduce IT complexity. VMware accelerates an organization’s transition to cloud computing, while preserving existing IT investments and enabling more efficient, agile service delivery without compromising control. Organizations rely on VMware, its partners and its industry-leading virtual infrastructure platform, VMware vSphere, to energize their business through IT, while saving energy—financial, human and the Earth’s. With 2009 revenues of $2 billion, VMware has more than 170,000 customers and 25,000 partners worldwide. VMware’s award-winning technology, market-leading position and culture of excellence provide our 7,000+ employees in 40+ locations worldwide with a platform for professional growth and the excitement of being an early-stage innovator.

Qualified Candidates should contact [mailto:aduggan@vmware.com Anne Duggan]