Description

Wind River Systems


Wind River is an Equal Opportunity Employer with a commitment to diversity. We prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

IT & Security • Boston,

Job DescriptionABOUT WIND RIVER Wind River is a global leader in delivering software for mission-critical intelligent systems. For more than four decades, the company has been an innovator and pioneer, powering billions of systems that require the highest levels of security, safety, and reliability.  Wind River helps customers across automotive, aerospace, defense, industrial, medical, and telecommunications industries solve complex technology challenges on their journey toward the new intelligent machine economy. The company's software powers generation after generation of the safest, most secure systems in the world.  Examples include playing a key role inNASA space missionssuch as Artemis I, the James Webb Space Telescope, and multiple Mars rovers. We've achieved recent5G milestonesincludingthe world's first successful 5G data sessionwith Verizon and buildingone of the largest Open RAN networksin the world with Vodafone. The company has received industry recognitionfor its technology innovation and leadership, and for its workplace culture, including global Great Place to Work certification and being named a "Top Workplace" for ten consecutive years. If you want to be part of a unique culture where the lived experience is based on our cultural attributes of growth mindset, customer-focus, and diversity, equity, inclusion & belonging, come join us and help advance the future software defined world.  
YOUR ROLEAs a Member of Technical Staff on our team, you'll focused on implementing modern DevSecOps technologies, pioneering new security tools, processes and capabilities for cloud-native solutions.The candidate must have experience in securing cloud-native development environments and be a highly adaptable team player who can quickly ramp up on new technologies and accomplish goals in a fast-paced agile environment. A combination of strong technical and communication skills is a must, along with an unbounded desire to learn new technologies and their application.In your daily job you will:Secure application on OnPrem and Public Cloud environments leveraging IACEstablish, implement security policies for Docker, K8s and Public Cloud PlatformsImplement and automate Application Security policies by embedding SAST, DAST, API Security and Penetration Testing in the product development workflowAccelerate container security with pipeline developmentDrive vulnerability management and remediation in partnership with various product teamsManage and maintain secure integrations between tools like Gitlab, Jenkins, JIRA, and many more.Implement solutions for event log collection and SIEM.HOW YOU WILL CONTRIBUTE  Key skills and competencies for succeeding in this role are:Expertise in Application Security , network design, back-end security-enhancing featuresDeep knowledge of application vulnerability management, remediation, and troubleshooting skills Hands-on experience using tools like Coverity, BurpSuite, ZAP, Trivy, PRISMA Cloud, Tenable, Rapid7 etc.Excellent programming skills using Python, Go etc.Proficiency in pipeline automation leveraging Gitlab, Jenkins, Jira etc.Strong foundation of DevSecOps principles, Infrastructure as Code including Terraform and Helm, Container and Cluster hardeningSecurity penetration testing & threat modelling would be a plus.Good exposure to cybersecurity principles with a desire to increase knowledgeExperience in Architecting and delivering security features on cloud providers (Azure AWS, GCP etc.), On Prem and Hybrid environments.Industry standards-based documentation, certification, and accreditation such as NIST SP 800-53, NIST 800-171, FEDRAMP, and Security Technical Implement Guides (STIGs) and bringing components into compliance with these standardsSecrets Management leveraging Hashicorp Vault is a plusExperience with Agile and ScrumSelf-managed, fast learner, and strong problem-solving and analytical skills.Excellent verbal and written communication skills and a good listener.Exceptional team player who works well in collaborative situations.Ability to brainstorm and represent competing ideas simultaneously.Growth mindset who is passionate about learning and applying new technologies.8+ years of relevant technical experience in cybersecurity with 2+ years of experience in software engineering.BS / MS degree (Computer Science, Electronics Engineering, or equivalent technical degree)SECURITY CLEARANCE REQUIREMENTS   Successful candidates must engage in a security clearance process in regard to their citizenship in order to perform fundamental job duties, as per applicable law. In particular, candidates with certain citizenship may not be able to perform such fundamental job duties. Currently, this includes citizens of the following countries: Belarus; Burma; China; Cuba; Iran; North Korea; Syria; Venezuela; Afghanistan; Cambodia; Central African Republic; Cyprus; Democratic Republic of Congo; Ethiopia; Eritrea; Haiti; Iraq; Lebanon; Libya; Russia; Somalia; South Sudan; Sudan; Zimbabwe. The security clearance process may take a significant amount of time to complete, and any offer of employment will be contingent on the candidate's legal ability to perform the fundamental job duties. Wind River is committed to meeting its obligations to candidates under applicable human rights law and privacy law in this regard.It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.Compensation
The annual base salary range for this role's listed grade level is currently $165,000 to $206,200 plus a bonus for Colorado, New York, and New Jersey residents, and $185,000 to $222,000 plus a bonus for SF Bay Area, Greater Seattle, NYC, and Washington, DC, residents. Salary ranges are determined through interviews and a review of the education, experience, knowledge, skills, location, and abilities of the applicant, and equity with other team members.#LI-PG

PI280794519