Sr. Product Security Engineer

hace 3 semanas


Ciudad de México Incode Technologies A tiempo completo

The Opportunity

We seek a trustworthy and proactive Senior Product Security Engineer to be the technical thought leader and driver of a paved-road, holistic product security program. The Product Security Engineer works across various engineering groups in our organization to ensure that our products are as secure and privacy-protecting as our customers expect. We’re looking for someone who loves to solve big challenges in Product Security. These challenges include ensuring a secure software supply chain from idea to operation, providing software provenance, automating all the things in CI/CD, and, of course, building and breaking software to make it more secure.

To be successful as a Product Security Engineer, you should have hands-on experience securing the software supply chain and products of a SaaS and mobile first company, enjoy partnering with fellow engineers, and be able to speak to the big picture of the SDLC and how to achieve a desired state in reasonable chunks. As an engineer, you should lead with a hacker mindset and be able to roll up your sleeves and design, architect, and threat model security critical solutions. Reporting to the Sr. Director of Information Security, you will be an early hire to the security team and will have the opportunity to influence and evolve our product security program.

Responsibilities

  • Partner with engineering and product management teams to perform threat modeling, architecture & design, and code reviews. Assess security implications, requirements for the secure development of new systems, features, and technologies.
  • Provide hands-on remediation guidance to development teams and design security architecture, features and controls that keeps our customers' data safe and preserves their privacy.
  • Build a security paved road through automation and tooling (SAST, SCA, MAST, IaC, DAST, Fuzzing, etc.) into the SDLC and CI/CD integrations that enables our developers to easily produce secure software.
  • Define, architect, build, improve and validate secure software supply chain and build provenance mechanisms.
  • Manage, triage, and provide support to external researchers in our vulnerability disclosure and bug bounty programs.
  • Provide proof of concept exploits, facilitate vulnerability remediation, and drive adherence to software security standards through policy as code.
  • You'll help scale the engineering organization and mentor engineers on best practices in secure software design and architecture.

Qualifications:

  • Deep expertise in at least one domain: web application and browser security, mobile application security, applied cryptography, machine learning and artificial intelligence security, offensive security, cloud security, hardware security.
  • Experience in software engineering, infrastructure engineering, site reliability engineering, or offensive security for a SaaS product company.
  • Experience with a variety of security tooling, to include: SAST, DAST, SCA, IaC Scanning, Image and Container Scanning, MAST, IAST, and offensive security and proxy tooling.
  • Deep expertise with common application security flaws, security controls, and common security libraries and identifying security issues through code review, threat modeling, penetration testing, and other techniques manually and with tools.
  • You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
  • Extensive experience in SaaS product development and security space; securing complex interconnected web and mobile applications and their architectures using Python, Javascript, Swift, Java, C++, Kotlin, or any other modern language.
  • You enjoy collaborating cross-functionally to accomplish shared goals, and you care about learning, growing, and helping others to do the same.

Preferred Experience and Certification:

  • SaaS Startup experience in security focused industries, such as fintech, security software and services, healthtech, identity and access management.
  • Experience with virtualization, containerization technology, orchestration, and cloud native security.
  • Certifications in Security, Product Securityand/or Offensive Security ( eg. OSCP, OSWP, OSEP, OSWA, OSED, OSMR, OSWE, OSEE, GPEN, GWAPT, CEH, etc ).
  • Cloud Certifications, such as AWS Certified Solutions Architect, AWS Security Specialty
  • Hands-on experience in offensive security, and CVEs to prove it.
#J-18808-Ljbffr

  • Ciudad de México Page Personnel A tiempo completo

    Opportunity to be part of a multinational team working as a Sr Security Engineer **Sobre nuestro cliente**: Be part of one of Page Resourcing's multinational clients in the IT sector **Descripción**: The main responsibilities are to: - Design, implement, and maintain security controls and technologies to protect against cyber threats, such as firewalls,...


  • México Skyhigh Security A tiempo completo

    Mexico City, Distrito Federal, Mexico Job ID: JR0032447 Job Title: Web Security Gateway Implementation Engineer Role Overview: As a Web Security Gateway Implementation Engineer, you will design and deploy Cloud Security solutions across large enterprise customers. You will follow best practices across the Cloud Security and Governance solutions for one...


  • Ciudad de México Nissan A tiempo completo

    With a focus on Mobility, Operational Excellence, Value to our Customers and the Electrification of vehicles, you can expect to be part of something exciting. From the sleek design of our vehicles to the unique opportunities we offer around the globe, Nissan exemplifies ingenuity in everything we do. Our people are what drive the business forward. We’re...

  • Security Engineer

    hace 3 semanas


    Ciudad de México Stori Card - MX A tiempo completo

    You will Design and cybersecurity controls for cloud architecture (Cloud, endpoints, AWS) Follow up on control development and implementation Perform assessments on infrastructure and application controls to ensure compliance with security policy and security architecture requirements Requirements Bachelor’s Degree in Computer Science, Cyber Security,...


  • Ciudad de México Nestle A tiempo completo

    Position Summary: Under the supervision and guidance of Product Group Manager, the Sr Specialist Cyber Security is responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IS/IT risks across Nestlé Group to ensure that information assets are adequately protected. S/He is responsible for the...

  • Security Engineer

    hace 1 mes


    Ciudad de México Capgemini A tiempo completo

    Need: 13722001 Position: CHUBB - Engineer (Security Engineer) Experience level: Middle - Sr Education level: Bachelor Degree **Location**:any state of Mexico **Industry - Sector**: **What you’ll do?** - Ping Federate Installation, Upgrade and Maintenance - Able to work on On-call Production Support and handle priority issues - Ping federate SP...


  • Ciudad de México Nearshore Cyber A tiempo completo

    Senior SentinelOne Engineer **Location**: Mexico (Remote/Work-from-Home) We are seeking a skilled and experienced Senior SentinelOne Engineer to join our team. As a Senior SentinelOne Engineer, you will be responsible for the design, implementation, and management of our endpoint security infrastructure using SentinelOne. This is a senior-level role for an...


  • Ciudad de México dynaTrace software GmbH A tiempo completo

    An excellent opportunity to be a key contributor to the exciting Dynatrace Security Solution journey. The individual will closely work with the broader solutions engineering team and security sales specialist team to drive the technical lane in opportunities and will be responsible for providing pre-sales technical support and expert guidance to the broader...


  • Ciudad de México MetaMap A tiempo completo

    We’re living at the dawn of a borderless world, but most people still don't have the tools needed to engage in critical high-trust services including everything from access to financial services, to sharing assets in peer-to-peer marketplaces, and even managing talent. At MetaMap, our work is centered on addressing this gap by building an identity data...

  • Data Engineer Sr

    hace 1 mes


    Ciudad de México Santander A tiempo completo

    Data Engineer Sr Country: Mexico **WHAT YOU WILL BE DOING** - Proporciona servicios de desarrollo de software de aplicación o soporte técnico, normalmente en un proyecto definido. - Desarrolla la lógica del programa para nuevas aplicaciones o analiza y modifica la lógica en las aplicaciones existentes. - Codifica, prueba, depura, documenta, implementa...

  • Sr. Cloud Engineer

    hace 1 mes


    Ciudad de México Page Personnel A tiempo completo

    Opportunity to be a part of a multinational team working as Sr Cloud Engineer **Sobre nuestro cliente**: Be part of one of Page Resourcing's multinational clients in the IT sector **Descripción**: The main responsibilities are to: - Design and implement cloud infrastructure solutions that are scalable, secure, and highly available. - Collaborate with...

  • Database Engineer

    hace 2 semanas


    Ciudad de México Offensive Security A tiempo completo

    **About Offensive Security** Offensive Security (OffSec) is the world's most trusted provider of cyber security training and certification. Our rigorous training programs are industry-standard and our certified alumni highly sought-after. We help businesses, government, and educational institutions become more secure. We help individuals enter or advance...


  • Ciudad de México Thomson Reuters A tiempo completo

    Senior Application Security Engineer As a Senior Application Security engineer within Information Security and Risk Management (ISRM) Product Security, you will join us on our mission to bring frictionless and continuous security to our engineering teams who build our products to securely “Inform The Way Forward”. We promise you won’t be bored with...


  • Ciudad de México Thomson Reuters A tiempo completo

    Senior Application Security Engineer As a Senior Application Security engineer within Information Security and Risk Management (ISRM) Product Security, you will join us on our mission to bring frictionless and continuous security to our engineering teams who build our products to securely “Inform The Way Forward”. We promise you won’t be bored with...


  • Ciudad de México Yuno A tiempo completo

    COME JOIN US AT YUNO! We are seeking a Security Operations Engineer to join our team. At Yuno we are looking to solve the complexity of the online payment’s ecosystem. Allowing merchants and commerce to accept payments in an easy way, accessing a variety of payment services with just one integration and enabling end users to pay in an easy and secure...

  • Sr. DevOps Engineer

    hace 2 meses


    Ciudad de México Thomson Reuters A tiempo completo

    **About us** Are you passionate about the chance to bring your technical experience to drive our Engineering team using industry best practices in a world-class company? We are hiring several Sr. DevOps Engineers with various experience levels for our Operations Center in Mexico City. We are expanding our global Operations Centers footprint by establishing...


  • Ciudad de México Orbia A tiempo completo

    Orbia Advance Corporation is a Purpose-led company with big aspirations. We are out to advance life around the world while maximizing value to our shareholders, customers and employees. The Company is passionate about the topics that define how people will live and thrive tomorrow: the future of cities, buildings, agriculture, and materials. Orbia Advance...


  • Ciudad de México, Ciudad de México Atos A tiempo completo

    Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47...


  • Ciudad de México, Ciudad de México Atos A tiempo completo

    Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47...


  • Ciudad de México, Ciudad de México Hitachi Careers A tiempo completo

    We're Hitachi Vantara, a global infrastructure business. Our people are the force of meaningful progress. We enable the incredible with data - from taking theme park fans on magical rides, conserving natural resources, protecting rainforests to saving lives. We empower businesses to automate, optimize and advance innovation. Together, we create a sustainable...