India onlyYour Opportunity
New Relic is hiring a security engineer to join our Product Security Team! The Infrastructure Assurance team is responsible for safeguarding New Relic's global infrastructure (including servers, clusters, networks, workstations, and cloud). We focus on proactive security controls, performing pragmatic threat assessments, and working with teams to ensure they understand and prioritize security work appropriately.
We value character and practical experience over certifications, and believe that building relationships is far more effective at improving security than dictating what engineers can and cannot do. You do not need to have a deep history as a security engineer to qualify, but should be able to clearly demonstrate multi-cloud systems management, architectural design, automation skills, and show an interest in endorsing security as an integral component of the value that we provide to our customers.
What You’ll Do
- Perform penetration testing of web applications/APIs/graphql and threat modeling for complex and high value applications and services, identifying and preventing security and privacy errors early in development.
- Execute strategies to expand and enhance the Bug Bounty Program. Investigate, reproduce, and respond to security vulnerabilities reported through the bug bounty program.
- Demonstrate strong technical expertise to research, replicate, and address security vulnerabilities identified through the bug bounty program.
- Work with software engineers to identify and analyze security vulnerabilities and follow through with issues until resolution.
- Collaborate with our architecture and standards teams to ensure that we are meeting the common needs of our engineering teams and that we are able to scale our support for them.
- Address software security risks in novel ways by applying technology, automation, relationships, and culture. We work in a continuous deployment, cloud-based environment and adapt our security efforts to the processes and technologies New Relic uses to deliver innovative and best-in-class products.
- Work with software engineers to identify and analyze security vulnerabilities and follow through with issues until resolution.
Your Qualifications
Must-have:
- Bachelor's degree in Computer Science or equivalent practical education and experience.
- 2+ years application security engineering experience.
- Programming and/or vulnerability research experience in one or more languages (such as: Ruby, Java, Go, Python)
- Basic understanding of risk management, network security controls, authentication, and common security protocols.
- Ability to work autonomously, navigate ambiguous situations, and identify innovative solutions.
- Ability to draft/maintain clear and concise documentation.
Nice-to-have:
- Web application pentesting certifications like OSWA, OSWE, OSCP or equivalent.
- Experience securing infrastructure and services built in Azure, or Google Cloud.
- Experience performing security reviews and risk assessments.
- Writing in and understanding an infrastructure orchestration solution, such as Terraform, Chef, or Ansible.
- Proficiency in at least one programming language, like Python, Ruby, and/or Go.
- Proven capability to improve various processes via automation.
Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics’ different backgrounds and abilities, and recognize the different paths they took to reach us – including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We’re looking for people who feel connected to our mission and values, not just candidates who check off all the boxes.
If you require a reasonable accommodation to complete any part of the application or recruiting process, please reach out to [email protected].
We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid.
Our hiring process
In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers’ means that a criminal background check is required to join New Relic.
We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance.
Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic.
Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics.
Review our Applicant Privacy Notice at https://newrelic.com/termsandconditions/applicant-privacy-policy
United States
Italy only
United Kingdom only
