We are actively seeking Product Security Engineers to join our team. As part of our Security Engineering team, you will be responsible for enabling Secure Product release at the speed of the development team, and continuously improving on premise and SaaS security posture. The role will serve as a Security specialist in the areas of secure design, cloud security, data protection, access management, security automation, working with development teams & cloud infrastructure teams side by side and resolving security issues.
You will also ensure we’re in lock step with product engineering and develop our security services to improve security across the products. Engaging with other teams and communicating with stakeholders will be a regular part of the job. We’re looking for an individual who’s motivated by solving security challenges, enjoys development & automation and problem-solving.
Responsibilities
- Core software development of security services, resolving security design & code related issues
- Supporting security patching and maintaining a clean base os images
- Perform Threat Modeling and Pen Testing of system services and cloud Infrastructure & services
- Conduct assessments of security controls, cloud configurations and continuous verification
- Work with Cloud Infrastructure to team to Implement security controls monitoring, cloud security configurations and continuous verification
- Identify and effectively communicate architectural vulnerabilities with supporting risk statements and realistic mitigation options to stakeholders.
- Monitor security sources for vulnerability announcements and remediations, and create patches
Must Have's
- B.S. or M.S. in Computer Science, Electrical Engineering or related experience
- 6 to 10 years of experience in Security Engineering, including core development, infrastructure security, working & deploying services in SaaS
- Hands-on coding skills in at least one of the following languages: Python & Golang
- Solid experience with security tooling and best practices for implementation in development pipelines and infrastructure.
- Experience with Application Security Testing, Penetration testing, Security event management, vulnerability management, threat modeling, and threat management systems
- Deep understanding of Linux systems security & container security is a must
- Deep understanding of Cloud Security fundamentals (Cloud networks and Cloud-based Systems), including key management, IAM roles and Cloud security controls
- Hands one working experience in architecting/operating solutions and security frameworks built on AWS & Azure
- Experience in implementing Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) is a plus
- An interest and desire to stay abreast of emerging security threats, vulnerabilities, and controls
- Experience working in a regulated environment (SOC, FedRamp, HIPAA, etc.)
Disclosure Pursuant to Applicable State Equal Pay Transparency Laws - This position has a starting pay range as listed below. Actual salary depends upon many factors, including a candidate’s skills, qualifications and experience, location, and salary expectations, and therefore a starting salary at the low end, high end, or even above the stated range may be offered. This position may also be eligible for bonus compensation, commission (if in a sales function), and/or equity grants. Additionally, full-time employees are eligible to participate in our comprehensive benefits framework, including health and wellness benefits, vacation, paid holidays and refresh days, 401(k) retirement plan, life and disability insurance coverages, and other benefits the Company may offer from time to time. US Pay Range
$192,000 - $240,000 USD