Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

How You Will Contribute:

• Reporting to Senior Manager, Software Engineering Applications, as a Senior Engineer, Security Infrastructure and Tools, your primary focus will on the development of the Ciena Secure Signing Platform (CSSP).

• The CSSP platform has a mission critical role supporting business operations such as code signing, secure manufacturing and RMA. Supported products include: WaveLogic, Waveserver, O-NID, RLS, ELS, and RSP across multiple generations.

• You will develop and implement features for the CSSP platform, perform integration of security tools and contribute to its architectural evolution. In addition, you will develop and maintain automated pipelines for security tooling within a secure software development lifecycle (SSDLC). Working with product development teams you will provide guidance on the implementation of complex workflows for code signing, secure manufacturing and RMA informed by your knowledge of CSSP.

• As an internal security champion, you will collaborate with engineers, architects, managers, factory primes, and other professional and technical personnel at different security quality gates and stages of the secure software development process and undertake regular risk assessments and analysis of implemented solutions.

What Does Ciena Expect of You?

• Initiative – You’re a self-starter who works with limited direction and is committed to delivering against aggressive deadlines.

• Agility – you are readily able to make key decisions and manage competing and ever-changing account priorities and largely driven by the product development lifecycle.

• Communication expertise – the ability to influence and tailor your message and ideas to the audience to ensure understanding and buy in.

• The flexibility to work independently and as part of a broader team – you thrive in a multi-disciplinary team environment, but are comfortable working independently as required.

• Relationship builder – with an innate ability to influence, you’re able to quickly develop trusted connections and get work done through others.

• A commitment to innovation – you keep abreast of the latest developments (risks, new tools and practices, vendors) in related security, with a focus on transforming these into action items, roadmaps, and proofs of concepts (POCs).

The Must Haves:

• Excellent command of C/C++, Python, Shell Scripting.

• Proven experience implementing security related tooling and pipelines at large scale enterprise organizations while using security algorithms, libraries and protocols such as: RSA, AES, ECDSA, SSH, Public & Private Key Generation, TLS, WolfSSL, OpenSSL.

• Knowledge of all aspects of credential management with excellent knowledge of PKIs.

• Experience implementing complex workflows and integrating security solutions and tools in a secure software development pipeline for applications such as code signing, encryption or multi factor authentication leveraging automation and orchestration tools such as Jenkins or Bamboo while interacting with object stores, e.g. Artifactory.

• Working knowledge of databases, implementing schemas relying on backends such as SQL, Elastic or Mongo or other No-SQL DBs.

Assets:

• Experience developing tools to support secure boot and hardware root of trust.

• Experience with translating security publications such as ISO 2700X:2022, NIST 800-XXX into actionable strategy.

• Prior experience taking products through certifications such FIPS 140-2 level 3 or working towards FIPS 140-3.

• Experience working with hardware security modules (HSMs).

• Solid experience with Go Lang, GRPC, Protocol Buffers required for the development of the next-gen CSSP platform.

• Experience with analysis tools such as SCA, DAST, SAST.

• Practices & Frameworks: Threat Modelling, Agile, DevOps, OWASP, Software Architectures

• Interested in working with post quantum encryption enabled H/W and secure manufacturing flows integrating post quantum encryption.

• Knowledge of Security vendor assessment and POCs for new security tools.

• Any one of the following security certifications: CSSLP, CompTIA Security+, CISSP, or other relevant and accredited DevSecOps related certification.

• Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or related field.

• Environments: Linux, Windows.

Pay Range:

The annual salary range for this position, in Canadian dollars, is $93,600 - $149,400.

#LI-JD

Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.

At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.

Ciena is an Equal Opportunity Employer, including disability and protected veteran status.

If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.