Location: San Jose, United States of AmericaIn fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.
Principal Security Research Engineer (Imperva Inc., San Jose, CA) – Develop, implement, and maintain end-to-end API transaction security solutions for observability and security for key platforms Duties include:
- Work on API security research including building prototypes to identify APIs from Network traffic heuristics to identify application activities, develop rule-based engines to detect API security threats, and build behavioral models for identifying anomalous users and APIs;
- Research and investigate API security threats that fall into OWASP API Top 10 category;
- Research and develop connectors to track API events for multiple API Gateways to be integrated with Imperva API security products;
- Design, develop, and maintain the API specification language that interfaces with deep packet inspection engines to identify with precision the various API constructs in the network packets;
- Develop software application rules and heuristics to identify various application activities using the API specification language;
- Develop Shiftleft security tools that help assess for best industry practices or detect security vulnerabilities early in software development cycle;
- Work with product management and other cross functional teams to define, develop, and understand functional and software architecture specifications to meet product requirements;
- Work with test teams for verification and compliance of the software so that it meets customer expectations;
- Work with the technical support team to support software issue escalations and sustenance of Imperva products;Participate in the evaluation, implementation, and troubleshooting of Imperva software security tools;
- Mentor new security research staff and support their success with Imperva’s software security products; and
- Conduct forward looking research to develop leading edge prototypes to solve software security challenges.
MINIMUM REQUIREMENTS:
A Bachelor’s degree or foreign equivalent in Computer Science, Computer Engineering, Information Technology, or related discipline and 5 years of experience in a security research engineer-related occupation.
Experience must include the following, which may be gained concurrently:
- 5 years of experience working in Application Security, Security Operations, and Security Development.
- 2 years of experience developing security tools and processes for scanning, testing, monitoring, and reporting.
- 2 years of experience using network packet inspection tools including Wireshark, tcpdump, and Fiddler.
- 2 years of experience researching and identifying API related threats and developing PoC or prototypes.
- 2 years of programming experience with Python, Lua, or Shell Script.
- 2 years of experience with different API frameworks such as REST, GraphQL, and gRPC, including knowledge of OAS format.
- 1 year of experience working with API Gateways such as Kong, MuleSoft, APIgee, and Azure API gateway.
- 1 year of experience mentoring at least one junior researcher.
Salary: $215,850 / Year
Apply by e-mail with resume to CA.jobs@imperva.com. Reference Job #PSRE2024 in reply. This position is part of Imperva, Inc.’s employee referral program and is eligible for an employee referral incentive.
This position will require successfully completing a post-offer background check. Qualified candidates with [a] criminal history will be considered and are not automatically disqualified, consistent with federal law, state law, and local ordinances.
Successful applicant must comply with federal contractor vaccine mandate requirements.
Thales champions inclusion and we believe diversity strengthens the fabric of our culture. We are an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
If you need an accommodation or assistance in order to apply for a position with Thales, please contact us at talentacquisition@us.thalesgroup.com.