UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

Product Security Incident Lead

155555
San Jose, CA, United States
Jul 13, 2018

Share:

Job Description

Description

Xilinx develops highly flexible and adaptive processing platforms that enable rapid innovation across a variety of technologies - from the endpoint to the edge to the cloud. Xilinx is the inventor of the FPGA, hardware programmable SoCs and the ACAP (Adaptive Compute Acceleration Platform), designed to deliver the most dynamic processor technology in the industry and enable the adaptable, intelligent and connected world of the future in a multitude of markets including Data Center (Compute, Storage and Networking); Wireless/5G and Wired Communications; Automotive/ADAS; Emulation & Prototyping; Aerospace & Defense; Industrial Scientific & Medical, and others. Xilinx's core strengths simultaneously address major industry trends including the explosion of data, heterogeneous computing after Moore's Law, and the dawn of artificial intelligence (AI).

Our global team is growing and we are looking for bold, collaborative and creative people to help us lead the industry transformation to build an adaptable intelligent world. We believe that by embracing diverse ideas, striving for excellence in all that we do, and working together as a unified team, we can accomplish anything. Come do your best work and live your best life as part of the ONEXILINX team!

Product Security Incident Lead


Reporting to the Senior Director of SW Architecture, this individual will work closely with security representatives from various disciplines across the company on incidents that impact Xilinx SW & IP.  The role also calls for considerable involvement behind the scenes engaged directly with development & verification teams to improve the security of our processes and products.  A candidate demonstrating a balance of accountability, passion, polish and solid technical experience will thrive in our high-energy, high-impact organization.  

 

Key responsibilities include

  • Full-lifecycle ownership of events escalated as potential security incidents, including:
    • Initial triage and scoring of events
    • In-depth event investigation and development of an incident response action plan
    • Coordination of all incident remediation and response activities, including written and verbal communication with internal stakeholders and outside partners
    • Conduct “after action” reviews of completed incident response activities
  • Identification and tracking of security improvements identified during incidents or as part of a review
  • Prepare executive summaries and conduct briefings on significant investigations
  • Document and communicate repeatable processes and procedures for Incident Response
  • Participate in industry events, track industry research and security trends, and use best practices to drive improvements in processes and products

Qualifications:

  • B.S. or M.S. in Computer Science, Information Security or related experience
  • 10+ years product development or security experience, with 3+ years experience in product security and strong demonstrated knowledge of common attacks
  • Understanding of best practices in security engineering: secure development, cryptography, security operations, systems security, policy, and incident response
  • Experience with FIRST, CERT and working as part of a Product Security Incident Response Team (PSIRT)
  • High degree of self-confidence, poise, maturity, discretion, diplomacy and empathy
  • Articulate communicator, effective with varying audiences at multiple levels of sensitivity
  • Proven track record of influence with a diverse set of functional disciplines (e.g., engineering, marketing, QA, legal, etc.)

 

Bonus Points

  • Relevant development experience in languages such as C/C++, Java, Python
  • In-depth knowledge of Linux and Windows
  • In-depth knowledge of cloud and cyber security
  • Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications
  • Familiarity with security tools and techniques such as static analysis, runtime analysis, black-box testing
  • Relevant industry certifications from SANS, ISC2, etc.

 

Share:

Similar Jobs

Heterogeneous Computing Intern

San Jose, CA, United States

Space System Architect

San Jose, CA, United States

SOC Verification and Testing Engineer

San Jose, CA, United States

Embedded Software Engineer

San Jose, CA, United States

Software Engineer (EDA)

San Jose, CA, United States

Senior Software Engineer (EDA)

San Jose, CA, United States

Systems Architect - Automotive

San Jose, CA, United States

Design Verification Engineer

San Jose, CA, United States

Senior Business Analyst - Sales Operations

San Jose, CA, United States

Staff Software Engineer

San Jose, CA, United States

Product Security Incident Lead

San Jose, CA, United States

Heterogeneous Multicore Simulation Expert

San Jose, CA, United States

Heterogeneous Multicore Compiler Expert

San Jose, CA, United States

Senior Embedded Software Engineer

San Jose, CA, United States

Staff Embedded Systems Software Engineer

San Jose, CA, United States

Product Applications Engineer, SDAccel

San Jose, CA, United States

Machine Learning Design Engineer

San Jose, CA, United States

IT Applications Project Manager

San Jose, CA, United States

Software Engineer (EDA)

San Jose, CA, United States

Senior Software (EDA) Engineer

San Jose, CA, United States

For technical assistance, please contact xilinx_ta_support@xilinx.com