Product Security Engineer

15 ore fa


Milano, Provincia di Milano; Lombardia, Italia Red Hat A tempo pieno
Join Red Hat Product Security’s Vulnerability Management Team in EMEA as a Product Security Engineer. As a vital member of Red Hat Product Security’s Vulnerability Management team, you will act as a frontline defender protecting our customers and the open-source community. By combining technical expertise in Red Hat’s product dependencies with a deep understanding of business risk, you will lead rapid assessments, coordinate cross-functional engineering teams, and craft essential vulnerability metadata. We are looking for a sharp problem-solver passionate about swift risk mitigation to help define our response strategy and ensure our software remains resilient against an ever-changing threat landscape. Our role is open as onsite/hybrid in our offices (Milan, Brno, Waterford, Barcelona, Madrid, Dublin, Cork) or remote in Poland, Italy, Portugal, Spain, Czech Republic, Ireland. Manage and provide timely response to publicly disclosed security vulnerabilities (CVEs) and incidents across Red Hat software, Fedora, and other OSS projects. Engineering, Product Management, Content Team) to ensure timely, accurate, and consistent remediation and communication for all assigned public CVEs Understand the full lifecycle of Red Hat products, including where product metadata is maintained and how to update it within custom Product Security Tools Reverse engineer and create reproducers of vulnerabilities affecting code and articulate how it can or cannot be mitigated to the appropriate audience. Contribute to customer-facing security documentation, references, and data, including CVE pages and metadata. Red Hat Enterprise Linux, OpenShift, Ansible, etc.) OR significant experience working on a complex enterprise Linux distribution, large-scale open-source software project, or modern container platform (e.g., Proficiency in common programming languages like C/C++, Python, Java, Go, and familiarity with Source Code Management tools like Git Strong knowledge of application security concepts such as OWASP Top 10 bug types, CWE, CVSS scoring Proven ability to independently coordinate complex security responses with globally distributed, cross-functional teams in a fast-paced environment Understanding of how AI/ML technologies intersect with software security and vulnerability analysis 4+ years of experience in cybersecurity incident management and coordination and/or with delivering technology-related software ~ Bachelor’s degree in a technical field. Industry certifications like CISSP, CSSLP, CISA/CISM, OSCP, CEH, Comptia Security+ or GIACare a plus. ~ comfortable with docker/Linux containers. Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Spread across 40+ countries, our associates work flexibly across work environments, from in-office, to office-flex, to fully remote, depending on the requirements of their role. We’re a leader in open source because of our open and inclusive environment. We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact. Red Hat’s culture is built on the open source principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone. When this is realized, it empowers people from different backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee. If you need assistance completing our online job application, email application-assistance@redhat.

  • Product Security Engineer

    2 settimane fa


    Milano, Lombardia, Italia Red Hat A tempo pieno

    Join Red Hat Product Security's Vulnerability Management Team in EMEA as a Product Security Engineer. As a vital member of Red Hat Product Security's Vulnerability Management team, you will act as a frontline defender protecting our customers and the open-source community. In this role, you will manage the full lifecycle of reported vulnerabilities with a...

  • Product Security Engineer

    2 settimane fa


    Milano, Lombardia, Italia Red Hat A tempo pieno

    Red Hat Product Security is looking for a Product Security Engineer to join our global Resilient Development team. Red Hat's Resilient Development Team focuses on Secure Development and improving proactively the security posture of our Products and Services portfolio and their build pipelines. You will perform security architecture reviews and security...

  • Product Security Engineer

    2 settimane fa


    Milano, Lombardia, Italia Red Hat A tempo pieno

    Red Hat Product Security is looking for a Product Security Engineer to join our global Resilient Development team. Red Hat's Resilient Development Team focuses on Secure Development and improving proactively the security posture of our Products and Services portfolio and their build pipelines. You will perform security architecture reviews and security...


  • Milano, Lombardia, Italia Red Hat A tempo pieno

    Join Red Hat Product Security's Vulnerability Management Team in EMEA as a Senior Product Security Engineer. You will be vital in protecting our customers and the open source community from security risks. This role focuses on the critical incident management and coordination of high-profile Customer Security Awareness (CSAw) events impacting Fedora and...

  • Security Engineer

    2 settimane fa


    Milano, Lombardia, Italia Esprimo S.r.l. A tempo pieno

    ESPRIMO Srl, società di consulenza informatica che opera dal 2002 su tutto il territorio nazionale ed internazionale, a supporto delle imprese, si colloca nel settore dell'Information Technology proponendosi come obiettivo quello di fornire una vasta gamma di prodotti, servizi e soluzioni nelle aree più strategiche per l'impresa, come: Infrastrutture IT,...

  • Security Engineer

    3 settimane fa


    Milano, Lombardia, Italia Unobravo International A tempo pieno

    From day one at Unobravo, we've been on a mission to make mental health support truly accessible to everyone by normalizing therapy, fostering openness, and breaking down the stigma that still surrounds it.Our success is driven by an exceptional team dedicated to providing high-quality, accessible care, anytime, anywhere. With over 9,000 qualified therapists...

  • Security engineer

    3 settimane fa


    Milano, Lombardia, Italia Bending Spoons A tempo pieno

    At Bending Spoons, we're striving to build one of the all-time great companies. A company that serves a huge number of customers. A company where team members grow to their full potential. A company that functions at unparalleled levels of effectiveness and efficiency. A company that creates value for shareowners at an extraordinary rate. And a company that...

  • security engineer

    2 settimane fa


    Milano, Lombardia, Italia ECIT SpA A tempo pieno

    Chi siamo?Siamo una società dinamica, giovane e flessibile che opera da oltre 10 anni nel campo dell'Information & Communication Technology.Offriamo servizi e soluzioni altamente qualificati a partner e Clienti di livello Enterprise grazie ad un team smart composto da tecnici pluricertificati in grado di comprendere e soddisfare le esigenze che i progetti...

  • security engineer

    2 settimane fa


    Milano, Lombardia, Italia ECIT SpA A tempo pieno

    Chi siamo?Siamo una società dinamica, giovane e flessibile che opera da oltre 10 anni nel campo dell'Information & Communication Technology.Offriamo servizi e soluzioni altamente qualificati a partner e Clienti di livello Enterprise grazie ad un team smart composto da tecnici pluricertificati in grado di comprendere e soddisfare le esigenze che i progetti...

  • Security Engineer

    2 settimane fa


    Milano, Lombardia, Italia Tron Group Holding A tempo pieno

    Siamo alla ricerca di un\ una Security Engineer da inserire presso azienda cliente leader nella consulenza IT.Responsabilità principaliAttività di troubleshooting e indirizzamento problematiche su SD-WAN, LAN, WAN, networking e connettivitàGestione operativa delle attività in carico al team network, con ruolo di focal point internoStesura di policy di...