Product Security Engineer
NetApp
Own Every Moment at NetApp
At NetApp, your ideas power innovation. We lead in intelligent data infrastructure—delivering unified storage, integrated data services, and solutions that help organizations unlock the full potential of their data, from AI to multicloud.
Ready to innovate and contribute to our path to $10B? Here, you'll collaborate with passionate teams, tackle real-world challenges, and see your impact in how customers transform and grow. If you're ready to bring curiosity, creativity, and drive to every moment, NetApp is where your journey begins.
Job Summary
As a Secure Development Lifecycle (SDL) Engineer, you will take an active role in a cross functional team, focused on planning and guiding the implementation of multiple product security assurance initiatives. You will plan and manage the application and compliance tracking of secure development lifecycle activities. This is a challenging position working in a very fast paced environment, with the opportunity to work collaboratively with like professionals in the Security, Engineering, Marketing, Operations, Legal, and Global Services functions, and to positively influence greater business outcomes.
Job Requirements
The Secure Development Lifecycle Engineer coordinates NetApp Technology Groups during the product lifecycle, ensuring security checkpoints are understood and completed. The role involves working with others who have a varying level of understanding of product security and how it impacts their functions. A successful candidate will be able to relate secure development to all levels of experience from senior leaders to entry level. The job requires the handling of sensitive information and requires exceptional judgment to protect the company and customer’s interests.
o Define, commit, and track secure development lifecycle activities across the entire product development organization.
o Continually working to improve application security through new and adjusted methodology and tooling.
o Collaborate with engineers and other project stake holders, serve as an expert in secure design, development, and delivery.
o Perform technical security assessments including threat modeling, security baseline analysis and final security reviews and recommendations.
o Develop security satellites as security leaders or SMEs within individual product teams.
o Possess and demonstrate excellent written and verbal communication skills
o Strong understanding of static analysis, dynamic analysis, OWASP top 10 and vulnerability scanning.
o Strong understanding of third-party and open source software integration and usage methodology.
o Strong understanding of the network stack including ports and protocols.
o Strong understanding of concepts related to computer architecture, data structures and standard programming practices.
o Proven experience in leading teams in software security test planning, automation, documentation and process improvement.
o Hands on experience in DevSecOps or Security Tools Pipelining.
o Storage background and understanding of network topologies is a plus
o Hands on experience in Cloud Security is a plus
o Understanding of maturity models such as BSIMM or Open SAMM preferred.
Education
o A minimum of 4 years of experience is required. 5 to 7 years of experience is preferred.
o A Bachelor of Science Degree in Engineering or Computer Science, a master’s degree, or a PhD; or equivalent experience is required.
o CSSLP is desirable.
At NetApp, we embrace a hybrid working environment designed to strengthen connection, collaboration, and culture for all employees. This means that most roles will have some level of in-office and/or in-person expectations, which will be shared during the recruitment process.
Equal Opportunity Employer:
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, and any protected classification.
Why NetApp?
We are all about helping customers turn challenges into business opportunity. It starts with bringing new thinking to age-old problems, like how to use data most effectively to run better - but also to innovate. We tailor our approach to the customer's unique needs with a combination of fresh thinking and proven approaches.
We enable a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time off each year to volunteer with their favourite organizations. We provide comprehensive benefits, including health care, life and accident plans, emotional support resources for you and your family, legal services, and financial savings programs to help you plan for your future. We support professional and personal growth through educational assistance and provide access to various discounts and perks to enhance your overall quality of life.
If you want to help us build knowledge and solve big problems, let's talk.
Submitting an application
To ensure a streamlined and fair hiring process for all candidates, our team only reviews applications submitted through our company website. This practice allows us to track, assess, and respond to applicants efficiently. Emailing our employees, recruiters, or Human Resources personnel directly will not influence your application.