About the position
As a Product Security Engineer, you will play a critical role in ensuring the security and integrity of our products throughout their lifecycle. You will collaborate with cross-functional teams to identify and address potential security vulnerabilities, design, and implement robust security measures, and advocate security best practices across the organization. This is an excellent opportunity to make a significant impact by safeguarding our products against emerging cyber threats for our customers that create opportunities to win. In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.
Responsibilities
- Be a part of a bleeding edge security engineering organization which enables the agile development of secure and reliable applications and products.
- Embed security with product development teams to define and implement security requirements and best practices into product designs and architectures.
- Conduct thorough security assessments, including penetration testing, code reviews, and threat modeling, to identify and remediate potential security vulnerabilities.
- Partner with technology leaders to establish metrics that demonstrate security proficiency across product teams.
- Ensure processes associated with key systems are documented, maintained, and archived.
- Collaborate with development and operations teams to develop the standards for product security.
- Other duties as required.
Requirements
- Experience in product security engineering, with a focus on web and mobile applications.
- Familiarity with security tools such as Nessus, Burp, and web application firewalls.
- Experience in secure coding practices, security architecture, and secure development methodologies.
- Experience in conducting security assessments, including penetration testing, vulnerability scanning, code reviews, and threat modeling.
- Knowledge of industry-standard security frameworks and regulations, such as ISO 27001, NIST, and OWASP.
- Ability to communicate and influence in a highly distributed environment.
- Strong verbal and written communication skills.
Benefits
- Array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits.
- Generous paid time off (PTO & sick leave).
- Annual bonus and long-term incentive opportunities (based on performance).
- 401k with up to a 5% match.
- Commuter benefits.
- Pet insurance.
- Paid personal time off and 14 paid company holidays.
- Paid sick time in accordance with all applicable state and federal laws.
