Product Security Engineer - Federal

About The Position

Requirements

• Meet US citizenship and residency requirements for FedRAMP engagements
• 2+ years of application security in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security
• 3+ years of developing commercial software products
• Understanding of networking protocols and modern data center architecture
• Exceptional problem-solving skills, curious about the inner workings of systems and showing attention to details and documentation
• Excellent written and oral communication skills

Nice To Haves

• Experience in security and compliance for FedRAMP solutions: Understanding of NIST, DoD, and related security standards.
• Experience with Linux environments, administration, security, internals
• Experience with identity management (e.g. OAuth 2.0, OpenID Connect, SAML 2.0, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking)
• Experience with CI/CD in Federal or US government cloud deployment in Amazon AWS, AWS GovCloud, Azure or Google Cloud Platform
• Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.
• Experience in containerization with Docker or Podman.
• Experience in container management with Kubernetes and Helm.
• Experience in vulnerability management measurement, reporting and remediation
• Security certifications such as CISSP, CSSLP, GIAC, OSCP

Responsibilities

• Own multiple Security Engineering assignments working with Ping Identity products, processes, and tooling
• Assist in proposing, developing, and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams
• Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment
• Perform application security tasks including threat modeling, developer code reviews, consulting, static code analysis, dynamic runtime fuzzing, building custom tools, and automation and exploit development
• Assist the Federal presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
• Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product

Benefits

• Generous PTO & Holiday Schedule
• Parental Leave
• Progressive Healthcare Options
• Retirement Programs
• Opportunity for Education Reimbursement
• Commuter Offset (Specific locations)