Sr. Staff Product Security Engineer
About The Position
Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. Roles and Responsibilities You are a highly skilled security Engineer who enjoys security work and collaborating with product managers and developers to drive the successful adoption of innovative methods in developing secure applications. In this role, you will: Drive tailored SDL practice into specific engineering Create and track meaningful metrics around product cyber risk and compensating controls Consult, architect on security requirements and utilize best practices to meet them Engage in application and domain-specific threat modeling and attack surface analysis/reduction Working with all scrum teams for security-focused design Identifying and ensuring resolution of possible technical implications of each release Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development Help prepare reports at appropriate levels of confidentiality for stakeholders to view Responding promptly and in detail to customer-sponsored penetration tests Promotes standards through workshops, knowledge shares, and code walk-throughs Promotes best practices and design patterns Provides guidance on automated testing tools and techniques
Requirements
- Bachelor's Degree in Computer Science or "STEM" Majors (Science, Technology, Engineering and Math) with significant experience.
- Bachelor's Degree in Computer Science or "STEM" Majors (Science, Technology, Engineering and Math) with minimum years of experience8years
- Must be available for on call for potential security response
Nice To Haves
- Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
- Program and Project Management experience; expertise with Agile development teams
- Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
- Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
- Experienced in developing web services (SOAP/REST)
- Knowledge of application risk identification and evaluation techniques
- Knowledge of Cyber Security and full knowledge of multiple related engineering functions
- Experience securing applications within cloud platforms such as AWS, Azure and alike.
- Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
Responsibilities
- Drive tailored SDL practice into specific engineering
- Create and track meaningful metrics around product cyber risk and compensating controls
- Consult, architect on security requirements and utilize best practices to meet them
- Engage in application and domain-specific threat modeling and attack surface analysis/reduction
- Working with all scrum teams for security-focused design
- Identifying and ensuring resolution of possible technical implications of each release
- Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
- Help prepare reports at appropriate levels of confidentiality for stakeholders to view
- Responding promptly and in detail to customer-sponsored penetration tests
- Promotes standards through workshops, knowledge shares, and code walk-throughs
- Promotes best practices and design patterns
- Provides guidance on automated testing tools and techniques
Benefits
- medical
- dental
- vision
- paid time off
- a 401(k) plan with employee and company contribution opportunities
- life
- disability
- accident insurance
- tuition reimbursement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Industry
Chemical Manufacturing
Number of Employees
5,001-10,000 employees
