Staff Security Engineer, Product Security

Attentive
161d$170,000 - $250,000
Match Resume

About The Position

We are looking for an experienced and versatile security engineer who brings both technical acumen and a developer mindset to their work. Our ideal candidate is motivated by helping to reduce risk while enabling the business to move quickly and safely. You will be a key member of the Security Engineering team, which carries the responsibility for the security of Attentive’s platform (we work in AWS) and customer-facing products (we build microservices primarily in Java). Practically, this spans a broad gamut of building and/or operating tools to secure our code and underlying systems from development to delivery, to detect and respond to abnormal behaviors, and to provide security testing and guidance to colleagues as they architect new systems and features. As part of this team and in this role, you will lead our product and application security program, serving as the key player in our organization for guidance and action on making our product more secure for our clients. You’ll find yourself working with a group of other talented security professionals of various backgrounds with a shared goal to shape the future of Attentive’s security program and provide a positive impact for the company and its customers.

Requirements

  • 7+ years of experience in Security with a focus in application/product security.
  • Deep knowledge of web application technologies, identifying and remediating common vulnerabilities in code.
  • Proven knowledge and experience in building and automating processes, such as static code analysis using Semgrep.
  • In-depth knowledge of common application & network protocols, cryptography, authentication & authorization protocols, and common security threats and attack techniques.
  • Strong experience coding and reviewing code with one of these languages: Java, Python, Golang.

Nice To Haves

  • Well-versed in Java vulnerabilities or Gradle dependency management.
  • Experience in Kubernetes/container security.
  • Experience working in AWS and deploying infrastructure as code.

Responsibilities

  • Perform secure design reviews, testing and code reviews of new systems and product features.
  • Design, develop, implement and maintain tools to secure our code and underlying systems from development to delivery.
  • Provide hands-on support to engineers to deploy security solutions, integrate security processes, harden services and remediate vulnerabilities.
  • Lead the development of comprehensive threat models for new and existing products and infrastructure to identify, assess, and mitigate security risks.
  • Establish and manage a vulnerability management lifecycle for our applications, ensuring timely detection, reporting, and remediation of security vulnerabilities.
  • Establish secure coding practices and provide continuous security guidance to developers across engineering.
  • Develop and maintain security documentation and reports derived from penetration testing activities and product security tools.

Benefits

  • Competitive perks and benefits, from health & wellness to equity.
  • US base salary range for this full-time position is $170,000 - $250,000 annually + equity + benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Number of Employees

1,001-5,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service