Cyber Security Engineer

Cyber Security Engineer

This role has been designed as ''Onsite' with an expectation that you will primarily work from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.

Job Description:

We are seeking a Cyber Security Engineer to partner directly with software engineering and product teams to build security into the full development lifecycle. In this role, you will help design, implement, and operationalize security controls across CI/CD pipelines, cloud infrastructure, and application architectures. You will work as a hands-on security engineer and trusted advisor-driving measurable improvements in vulnerability reduction, secure design practices, and release quality.

Key Responsibilities

Secure SDLC / Product Security Enablement

• Partner with product engineering teams to embed security practices into the software development lifecycle, from design through deployment.

• Define and maintain security patterns for common platform components (APIs, services, identity, secrets, data storage).

• Provide actionable remediation guidance for engineering teams, aligned to business risk and delivery timelines.

Vulnerability Management & Remediation Support

• Manage and triage findings across:

• SAST / SCA

• Container and artifact scanning

• Secret scanning

• DAST (where applicable)

• Malware

• Cloud security posture and configuration findings

• Drive consistent risk scoring, prioritization, and remediation tracking aligned to SLAs.

• Validate fixes through testing and evidence-driven verification.

CI/CD Security & Automation

• Integrate security tooling and controls into CI/CD pipelines with a focus on automation and developer usability.

• Improve pipeline outcomes by reducing false positives and creating security guardrails that scale.

• Build automation and scripts for security testing, enforcement, metrics, and reporting.

Cloud & Platform Security

• Assess and advise on security controls for:

• IAM and access policies

• Network segmentation and security groups

• Encryption and key management

• Logging and monitoring

• Support containerized and orchestrated environments (Kubernetes).

Incident Support & Security Operations Collaboration

• Partner with security operations teams on incident response support for product-owned services.

• Assist in root cause analysis and drive remediation actions that prevent recurrence.

• Contribute to security standards, runbooks, and operational readiness.

Security Standards & Governance Support

• Help define and maintain security requirements aligned to enterprise standards such as:

• NIST 800-53 / 800-171

• ISO 27001/27002

• CIS Benchmarks/STIG

• OWASP Top 10

• GDPR

• EU CRA

• Support audit and compliance readiness by assisting with evidence generation and control validation for product environments.

Required Qualifications

• 7+ years in security or IT roles.

• 3+ years of hands-on experience in cybersecurity engineering, product security, DevSecOps, or secure platform engineering.

• Strong understanding of common application security risks and mitigations (OWASP Top 10, secure coding patterns).

• Experience integrating security scanning into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.).

• Working knowledge of cloud security fundamentals (AWS, Azure, or GCP).

• Experience in at least one scripting/programming language (Python, Go, Java, JavaScript/TypeScript, or similar).

• Ability to communicate security risk clearly and pragmatically to engineering teams and technical leadership.

Preferred Qualifications

• Experience with container and Kubernetes security (image scanning, admission controls, runtime security).

• Familiarity with infrastructure-as-code tooling (Terraform, CloudFormation, ARM/Bicep).

• Experience with threat modeling methodologies (STRIDE, PASTA, or similar).

• Experience with SIEM, logging, and cloud-native monitoring (Splunk, Sentinel, ELK, CloudWatch, etc.).

• Exposure to software supply chain security practices (SBOM, signing, provenance, artifact integrity).

• Security certifications (nice-to-have, not required): Security+, AWS Security Specialty, CISSP, GIAC, , etc.

Additional Skills:

Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX)

What We Can Offer You:

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have - whether you want to become a knowledge expert in your field or apply your skills to another division.

Unconditional Inclusion

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

Let's Stay Connected:

Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE.

#unitedstates

Job:

Engineering

Job Level:

TCP_04

"The expected salary/wage range for this position is provided below. Actual offer may vary from this range based upon geographic location, work experience, education/training, and/or skill level.

• United States of America: Annual Salary USD 137,000 - 315,000 in Texas

The listed salary range reflects base salary. Variable incentives may also be offered."

Information about employee benefits offered in the US can be found at https://myhperewards.com/main/new-hire-enrollment.html

The estimated job application period closure is May 4 2026; this timeline is provided for transparency and internal planning purposes.

HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity.

Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

No Fees Notice & Recruitment Fraud Disclaimer

It has come to HPE's attention that there has been an increase in recruitment fraud whereby scammer impersonate HPE or HPE-authorized recruiting agencies and offer fake employment opportunities to candidates. These scammers often seek to obtain personal information or money from candidates.

Please note that Hewlett Packard Enterprise (HPE), its direct and indirect subsidiaries and affiliated companies, and its authorized recruitment agencies/vendors will never charge any candidate a registration fee, hiring fee, or any other fee in connection with its recruitment and hiring process. The credentials of any hiring agency that claims to be working with HPE for recruitment of talent should be verified by candidates and candidates shall be solely responsible to conduct such verification. Any candidate/individual who relies on the erroneous representations made by fraudulent employment agencies does so at their own risk, and HPE disclaims liability for any damages or claims that may result from any such communication.