Product Security Engineer I
Infoblox
At Infoblox, every breakthrough begins with a bold “what if.”
What if your ideas could ignite global innovation?
What if your curiosity could redefine the future?
We invite you to step into the next exciting chapter of your career journey. Bring your creativity, drive, your daring spirit, and feel what it’s like to thrive on a team big enough to make an impact, yet small enough to make a difference. Our cloud-first networking and security solutions already protect 70% of the Fortune 500, and we’re looking for creative thinkers ready to push that influence even further. Join us and discover how far your bold “what if” can take the world, your community, and your career.
Here, how we empower our people is extraordinary: Glassdoor Best Places to Work 2025, Great Place to Work-Certified in five countries, and Cigna Healthy Workforce honors three years running — and what we build is world-class: recognized as CybersecAsia’s Best in Critical Infrastructure 2024 — evidence that when first-class technology meets empowered talent, remarkable careers take shape. So, what if the next big idea, and the next great career story, comes from you? Become the force that turns every “what if” into “what’s next”.
In a world where you can be anything, Be Infoblox.
Product Security Engineer I
We have an opportunity for a Product Security Engineer I to join our Product Security Engineering team in Bengaluru, reporting to the Manager of Product Security Engineering. In In this pivotal role, you will be crucial in leading and ensuring the security and integrity of our applications and systems. Collaborating closely with your stakeholders you will identify, assess, and mitigate security risks and implement robust security measures throughout the software development lifecycle. Your expertise in application security, threat modeling, and penetration testing will be essential in safeguarding our critical systems and protecting sensitive data from potential threats.
Be a Contributor — What You’ll Do
- Perform security assessments, application security reviews, and penetration testing for SaaS services, on-prem solutions focused around DNS/DHCP protocol
- Collaborate with development teams to enforce secure coding practices, guidelines, and standards
- Ensure integration of security requirements and threat modeling considerations into the software development lifecycle. Offer guidance and support during security-related discussions and decision-making processes
- Provide guidance on secure design principles and assist in addressing security issues
- Plan, execute, and analyze application security testing, including penetration testing, vulnerability scanning, and code reviews
- Interpret penetration test results and recommend remediation measures based on identified threats
- Work closely with development teams to design and implement effective security controls like access controls, authentication mechanisms, encryption, and secure communication protocols
- Utilize threat modeling outputs to guide security control selection and implementation
- Keep up-to-date with emerging security threats, vulnerabilities, and best practices in application security and threat modeling
- Educate development teams on secure coding practices, common vulnerabilities, and security best practices
- Conduct security training sessions and workshops to raise awareness of threat modeling concepts and foster a security-conscious culture
Be Prepared — What You Bring
- 0 to 2 years of experience in vulnerability management and penetration testing
- Strong knowledge of application security principles, threat modeling methodologies, and best practices
- Proficiency in secure coding practices, vulnerability assessment, and penetration testing methodologies
- Strong development knowledge in Shell Scripts, Python or Golang is a major plus
- Familiarity with cloud environment like AWS, GCP, Azure and technologies like Kubernetes, Containers etc.
- Familiarity with common web application vulnerabilities (e.g., OWASP Web/API Top 10) and corresponding mitigation techniques.
- Experience with implementing and managing security testing tools and technologies, such as static analysis tools, dynamic application scanners, and penetration testing frameworks
- Strong understanding of secure software development lifecycle (SDLC) and ability to integrate security practices and threat modeling into agile development processes with SAST & DAST tools, including Coverity, CodeQL, SonarQube, and Contrast
- Knowledge of authentication, authorization, and access control mechanisms, cryptographic algorithms, and secure network communication protocols
- Familiarity with industry standards and frameworks such as ISO 27001, NIST, PCI DSS, and GDPR
- Excellent communication and collaboration skills, with the ability to effectively communicate technical concepts to non-technical stakeholders
- Relevant certifications such as CISSP, CSSLP, CEH, OSCP, and/or OSWE are a plus
- Good understanding of cyber security frameworks like OWASP, SANS, NIST, CIS, etc.
- MS/M.tech or BS/B.tech in Computer Science or related field, or equivalent work experience required
Be Successful — Your Path
First 90 Days:
Immerse in our culture, connect with mentors (Blox Buddies), and map the systems and meet with key stakeholders that rely on your work. Discuss and create short/long term goals.
Six months
Understand the scope of Infoblox products, cloud infrastructure, and SaaS services that require secure code reviews and application security assessments
Reach proficiency with processes and procedures laid out for the team in delivering best-in-class product security services
Build knowledge and hands-on experience with cutting-edge technologies
Understand the team of engineers and the current state
One Year
Be an independent key contributor to the team
Contribute to the development and implementation of a comprehensive product security framework that encompasses multi-cloud infrastructure and SaaS products and services
Identify and address potential vulnerabilities and threats in our products and services
Contribute to promoting a security-conscious culture within the organization, including conducting security awareness campaigns, delivering training sessions, and providing guidance to development teams on secure coding practices and threat modeling
Belong— Your Community
Our culture thrives on inclusion, rewarding the bold ideas, curiosity, and creativity that move us forward. In a community where every voice counts, continuous learning is the norm. So, whether you code, create, sell, or care for customers, you’ll grow and belong here.
Be Rewarded — Benefits That Help You Grow, Thrive, Belong
Comprehensive health coverage, generous PTO, and flexible work options
Learning opportunities, career-mobility programs, and leadership workshops
Sixteen paid volunteer hours each year, global employee resource groups, and a “No Jerks” policy that keeps collaboration healthy
Modern offices with EV charging, healthy snacks (and the occasional cupcake), plus hackathons, game nights, and culture celebrations
Charitable Giving Program supported by Company Match
We practice pay transparency and reward performance. Offers reflect role location, internal equity, experience, skills, education, and certifications.
Ready to Be the Difference?
Infoblox is an Affirmative Action and Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis
#LI-PA1
#LI-Hybrid