Principal Software Security Engineer
3d ago

Since 1992, Ciena has been driven by a relentless pursuit of network innovation. We believe in a network that grows smarter, more agile, and more responsive every day.

This means that when you digitally interact in your world - picking up the phone, streaming video, texting a friend or loved one your interactions are being enabled by Ciena technologies.

Ciena makes your social / entertainment / business existence REAL.

Your Role

We are looking for highly motivated and talented software engineers to join Blue Planet security team, responsible for analyzing vulnerabilities for containers, web interface analysis and deployment security.

Security team maintains secure pasture for Blueplanet portfolio of products and works with all product divisions and cooperates with IT Security, Risk and Compliance Management team to meet business requirements to maintain the confidentiality, integrity and availability of the Ciena product infrastructure and assets.

Services provided are but not limited to :

  • Architecture Review for Threat Management
  • Secure SDLC for all phases : Requirement, Design, implementation and Deployment.
  • Penetration Testing
  • Vulnerability Management : SCA, SAST, DAST
  • Support topics on compliance assessment on ISO readiness and data protection
  • Cloud Security
  • The team also provides consulting services by reviewing & approving the security aspects of the existing network setup (Link Request Approvals) as well as system / software architectures (Application Build Recommendations & Change Requests).

    We believe the recommendation provides the best way to move forward to both strengthening existing security mechanisms and compensating for any inherent security weaknesses.

    Your Responsibilities

  • Support our projects along the secure development lifecycle in all security related matters
  • Provide consultancy and review on secure architectures
  • Run penetration tests and facilitate risk based decision making, propose mitigation for issues identified
  • Be a subject matter expert for identity and access management within application security consultancy
  • Promote a healthy security culture by providing comprehensive training and support to our engineering teams and help create secure by design products and services for our community
  • Reviews current policy and procedure documents for thoroughness. Drafts and submits improvement recommendations to appropriate approver and / or subject matter expert(s) for review.
  • Edits and submits final documents using appropriate systems and processes.

  • Review regulatory requirements, external policies or standards related to Information Security, and conduct gap analysis to internal security policies and requirements.
  • Ensure compliance with regulatory compliance and certification programs (e.g., ISO 27001, CSA Star, NIST CSF, FIPS, FedRAMP)

  • ConducCommunicate regularly to our stakeholders about risk position and mitigation
  • Participate on change and configuration management by doing technical security reviews
  • Assist and train junior team members
  • Minimum Qualifications

  • Bachelors / Masters Degree in Computer Science or equivalent
  • At least 7 years of Security work and overall 10+ years of software development experience.
  • Experience planning, researching, and developing security policies, standards and procedures
  • A comprehension of security standards and frameworks, rules and regulations, and system trust principals, such as ISO, NIST, OWASP, SANS Top 20, PCI-DSS, SOX-404, CSA Star, ITIL, and SOC2.
  • Up-to date knowledge about current architecture patterns and application stacks used in application development
  • Experienced in WAF security policies implementation & support
  • Communication and time-management skills
  • Ability to adapt to dynamic threat landscape in a global environment
  • Ability to work unsupervised, under pressure and meet deadlines
  • Creative with strong commitment to quality and excellence
  • Strong analytical skills and efficient problem solving
  • Preferred Qualifications

  • Prior knowledge in penetration testing tools such as Burp Suite, InsightVmAppScan OR OWASP ZAP, Nessus or similar tools
  • Prior knowledge in web Authentication OAuth technology
  • Certifications like GIAC family, CISA, CEH, CompTIA Security+ or similar
  • DevSecOps experience related to application deployments
  • Experience with cloud technologies
  • About Ciena

    Ciena is a network strategy and technology company with a passion to provide an experience, to you and our customers that is as rewarding as the outcome.

    We attract the best and brightest those with outstanding talent, motivation, and the right attitude to contribute to our success.

    Our culture balances our openness and informality with professionalism and trust and is built on the foundation of our core values : Customer First, Integrity, Velocity, Innovation, and Outstanding People.

    Ciena enables everyone to have a voice and a network that supports them while on the journey to discovering their passion and purpose.

    We trust each individual to do what they can to reach their full potential and make an impact on the business, whenever, wherever they are in the world.

    With Ciena’s highly innovative, forward-thinking business practices, we reward people for pushing the boundaries. Unlock your potential at Ciena!

    Being You Ciena

    As part of our commitment to diversity and inclusion, we want to foster an environment that values and respects all individual’s strengths, perspectives, ideas, and ability to meet the needs of our customers globally.

    Ciena values the diversity of its workforce and respects its employees as individuals, regardless of race, ethnicity, religion, gender, age, national origin, disability, sexual orientation, veteran or marital status or any other category protected by applicable law.

    We do not tolerate any form of discrimination.

    Ciena is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

    If contacted in relation to a job opportunity, you should advise Ciena in a timely fashion of the specific accommodation measures required for you to be assessed in a fair and equitable manner.

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form