[Hiring] Product Security Engineer @Red River

Role Description

The Red Hat Product Security Compliance team is seeking a knowledgeable and proactive Product Security Engineer to achieve our security and compliance objectives. The team is growing and we have a big vision particularly as it relates to increasingly complex compliance standards like FedRAMP and burgeoning digital sovereignty laws worldwide. In this role, you should have an excellent ability to solve problems using your in-depth technical understanding of information systems and computing solutions. Be a team player who works and coordinates well with the team.

Red Hat embraces a remote working culture and promotes work flexibility. This team, and many of the people you would work with, are remote and you would be welcome to work from home as well.

Responsibilities:

• Responsible for the security and compliance of systems related to our Sovereign Commercial and FedRAMP environments.
• Comfortable leading technical discussions across multi-functional engineering teams and third party auditors.
• Support the continuous improvement of the Red Hat environments through automation and maturation of processes.
• Support the downstream integration of open-sourced projects; collaborate to develop and implement Red Hat specific capabilities from the upstream.
• Research and analyze new tools, technologies and services for technical suitability within a containerized environment.
• Serve as an evangelist of security and compliance both inside Red Hat and externally, with partners or within the open-source community.

Qualifications

• Experience supporting systems obtain an Authorization through the FedRAMP or RMF process.
• Knowledge of cloud security practices and technologies.
• Experience securing and supporting compliance efforts in cloud environments.
• Proven track record of being effective when working remotely and in a self-directed capacity.
• Strong communication skills; capable of presenting technical compliance concepts to both technical and non-technical audiences.
• Experience with AI assisted development tools like Claude, Cursor, etc.
• U.S Citizen.

Requirements

• Ability to analyze security controls, assess risks, and design control measures in alignment with FedRAMP standards.
• Experience working with Kubernetes, OpenShift, or similar technologies.
• Experience with programming, scripting and markup languages, such as Go, Python, and XML, as well as automation tools.
• Familiarity with cloud service provider environments (e.g., AWS, Azure) and relevant security tools (e.g., vulnerability management).
• Experience with a FedRAMP 20-X pilot program.
• Experience with open-source software.
• Relevant certifications, such as CISSP, CISM, CCSP, or CISA, are a plus.

Benefits

• Comprehensive medical, dental, and vision coverage.
• Flexible Spending Account - healthcare and dependent care.
• Health Savings Account - high deductible medical plan.
• Retirement 401(k) with employer match.
• Paid time off and holidays.
• Paid parental leave plans for all new parents.
• Leave benefits including disability, paid family medical leave, and paid military leave.
• Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!