Staff Security Engineer

About The Position

Requirements

• 10+ years in a security architecture role with a focus on software products and platforms.
• Experience working within fast-paced, cloud-native environments.
• Proven experience with securing distributed systems, microservices, and APIs.
• Demonstrated knowledge of security frameworks, industry standards, and regulations (EX: ISO 27001, SOC 2, GDPR)
• Hands-on experience with DevSecOps principles and integration of security within CI/CD pipelines.
• In-depth knowledge of cloud security best practices on the following platforms (AWS, Azure, Google Cloud)
• Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.
• Experience working cross-functionally with product, engineering, and operations teams.
• Proven leadership in driving security initiatives and integrating security into product development lifecycles.

Nice To Haves

• Experience with API security, including OAuth, JWT, and OpenID Connect.
• Knowledge of container security (Docker, Kubernetes).
• Familiarity with security automation tools and methodologies (e.g., SAST, DAST, RASP).
• Technical industry certifications such as OSCP, GPEN etc…

Responsibilities

• Security Architecture Design: Collaborate with product teams to maintain a security architecture framework that supports the secure deployment of Postman products and services. This includes in advising GRC / Legal on Security policies.
• Threat Modeling & Risk Assessment: Lead threat modelling and risk assessments to identify security vulnerabilities in existing and new systems. Recommend appropriate mitigation strategies.
• Technology Review & Evaluation: Evaluate new technologies and architectures from a security perspective, ensuring they meet security requirements.
• Security Strategy: Contribute to the development of long-term security strategy and roadmaps, ensuring alignment with product goals and business objectives.
• Incident Response: Work closely with the SOC to understand gaps in product architecture.
• Mentorship & Leadership: Mentor and provide guidance to junior security engineers and architects on security architecture principles and best practices.

Benefits

• flexible schedule working with a fun, collaborative team
• full medical coverage
• flexible PTO
• wellness reimbursement
• monthly lunch stipend
• wellness programs
• team-building events
• donation-matching program