• Job Description

  Req#: R027112

  As the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

  As the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

  How You Will Contribute:

  • Reporting to Senior Manager, Software Engineering Applications, as a Senior Engineer, Security Infrastructure and Tools, your primary focus will on the development of the Ciena Secure Signing Platform (CSSP).

  • The CSSP platform has a mission critical role supporting business operations such as code signing, secure manufacturing and RMA. Supported products include: WaveLogic , Waveserver , O-NID, RLS, ELS, and RSP across multiple generations.

  • You will develop and implement features for the CSSP platform, perform integration of security tools and contribute to its architectural evolution. In addition, you will develop and maintain automated pipelines for security tooling within a secure software development lifecycle (SSDLC). Working with product development teams you will provide guidance on the implementation of complex workflows for code signing, secure manufacturing and RMA informed by your knowledge of CSSP.

  • As an internal security champion, you will collaborate with engineers, architects, managers, factory primes, and other professional and technical personnel at different security quality gates and stages of the secure software development process and undertake regular risk assessments and analysis of implemented solutions.

  The Must Haves:

  • Excellent command of C/C++, Python, Shell Scripting.

  • Knowledge of basic cryptographic concepts related to cryptographic keys, secure protocols ( high level e.g. TLS) , public key infrastructures and crypto libraries such as: WolfSSL or OpenSSL .

  • Experience developing secure and reliable microservices and taking them into a production environment ensuring resiliency and redundancy and performance optimization

  • Working knowledge of databases, implementing schemas relying on backends such as SQL, Elastic or Mongo or other No-SQL DBs.

  • Knowledge of all aspects of credential management with functional knowledge of PKIs.

  Assets:

  • Experience implementing complex workflows and integrating security solutions and tools in a secure software development pipeline for applications such as code signing, encryption or multi factor authentication leveraging automation and orchestration tools such as Jenkins or Bamboo while interacting with object stores, e.g. Artifactory.

  • Proven experience implementing security related tooling and pipelines at large scale enterprise organizations while using security algorithms, libraries and protocols such as: RSA, AES, ECDSA, SSH, Public & Private Key Generation, TLS, WolfSSL , OpenSSL.

  • Experience developing tools to support secure boot and hardware root of trust.

  • Experience with translating security publications such as ISO 2700X:2022, NIST 800-XXX into actionable strategy.

  • Prior experience taking products through certifications such FIPS 140-2 level 3 or working towards FIPS 140-3.

  • Experience working with hardware security modules (HSMs).

  • Solid experience with Go Lang, GRPC, Protocol Buffers required for the development of the next-gen CSSP platform.

  • Experience with analysis tools such as SCA, DAST, SAST.

  • Practices & Frameworks: Threat Modelling, Agile, DevOps, OWASP, Software Architectures

  • Interested in working with post quantum encryption enabled H/W and secure manufacturing flows integrating post quantum encryption.

  • Knowledge of Security vendor assessment and POCs for new security tools.

  • Any one of the following security certifications: CSSLP, CompTIA Security+, CISSP, or other relevant and accredited DevSecOps related certification.

  • Bachelor's degree in Computer Science , Computer Engineering, Electrical Engineering, or related field.

  • Environments: Linux, Windows.

  Pay Range:

  The annual salary range for this position, in Canadian dollars, is $93,000 - $148,600.

  #LI-JD

  Pay ranges at Ciena are designed to accommodate variations in knowledge, skills, experience, market conditions, and locations, reflecting our diverse products, industries, and lines of business. Please note that the pay range information provided in this posting pertains specifically to the primary location, which is the top location listed in case multiple locations are available.

  Non-Sales employees may be eligible for a discretionary incentive bonus, while Sales employees may be eligible for a sales commission. In addition to competitive compensation, Ciena offers a comprehensive benefits package, including medical, dental, and vision plans, participation in 401(K) (USA) & DCPP (Canada) with company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company-paid holidays, paid sick leave, and vacation time. We also comply with all applicable laws regarding Paid Family Leave and other leaves of absence.

  Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.
  
  At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.

  Ciena is an Equal Opportunity Employer, including disability and protected veteran status.

  If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.

• About the company

  Ciena Corporation is an American telecommunications networking equipment and software services supplier based in Hanover, Maryland.

Notice