Sr. Product Security Engineer
hace 6 días
The Opportunity
We seek a trustworthy and proactive Senior Product Security Engineer to be the technical thought leader and driver of a paved-road, holistic product security program. The Product Security Engineer works across various engineering groups in our organization to ensure that our products are as secure and privacy-protecting as our customers expect. We're looking for someone who loves to solve big challenges in Product Security. These challenges include ensuring a secure software supply chain from idea to operation, providing software provenance, automating all the things in CI/CD, and, of course, building and breaking software to make it more secure.
To be successful as a Product Security Engineer, you should have hands-on experience securing the software supply chain and products of a SaaS and mobile first company, enjoy partnering with fellow engineers, and be able to speak to the big picture of the SDLC and how to achieve a desired state in reasonable chunks. As an engineer, you should lead with a hacker mindset and be able to roll up your sleeves and design, architect, and threat model security critical solutions. Reporting to the Sr. Director of Information Security, you will be an early hire to the security team and will have the opportunity to influence and evolve our product security program.
Responsibilities
- Partner with engineering and product management teams to perform threat modeling, architecture & design, and code reviews. Assess security implications, requirements for the secure development of new systems, features, and technologies.
- Provide hands-on remediation guidance to development teams and design security architecture, features and controls that keeps our customers' data safe and preserves their privacy.
- Build a security paved road through automation and tooling (SAST, SCA, MAST, IaC, DAST, Fuzzing, etc.) into the SDLC and CI/CD integrations that enables our developers to easily produce secure software.
- Define, architect, build, improve and validate secure software supply chain and build provenance mechanisms.
- Manage, triage, and provide support to external researchers in our vulnerability disclosure and bug bounty programs.
- Provide proof of concept exploits, facilitate vulnerability remediation, and drive adherence to software security standards through policy as code.
- You'll help scale the engineering organization and mentor engineers on best practices in secure software design and architecture.
Qualifications:
- Deep expertise in at least one domain: web application and browser security, mobile application security, applied cryptography, machine learning and artificial intelligence security, offensive security, cloud security, hardware security.
- Experience in software engineering, infrastructure engineering, site reliability engineering, or offensive security for a SaaS product company.
- Experience with a variety of security tooling, to include: SAST, DAST, SCA, IaC Scanning, Image and Container Scanning, MAST, IAST, and offensive security and proxy tooling.
- Deep expertise with common application security flaws, security controls, and common security libraries and identifying security issues through code review, threat modeling, penetration testing, and other techniques manually and with tools.
- You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
- Extensive experience in SaaS product development and security space; securing complex interconnected web and mobile applications and their architectures using Python, Javascript, Swift, Java, C++, Kotlin, or any other modern language.
- You enjoy collaborating cross-functionally to accomplish shared goals, and you care about learning, growing, and helping others to do the same.
Preferred Experience and Certification:
- SaaS Startup experience in security focused industries, such as fintech, security software and services, healthtech, identity and access management.
- Experience with virtualization, containerization technology, orchestration, and cloud native security.
- Certifications in Security, Product Securityand/or Offensive Security (eg. OSCP, OSWP, OSEP, OSWA, OSED, OSMR, OSWE, OSEE, GPEN, GWAPT, CEH, etc).
- Cloud Certifications, such as AWS Certified Solutions Architect, AWS Security Specialty
- Hands-on experience in offensive security, and CVEs to prove it.
#J-18808-Ljbffr
-
Sr. Security Engineer
hace 6 días
Ciudad de México, Ciudad de México Page Personnel A tiempo completoOpportunity to be part of a multinational team working as a Sr Security EngineerSobre nuestro cliente:Be part of one of Page Resourcing's multinational clients in the IT sectorDescripción:The main responsibilities are to: Design, implement, and maintain security controls and technologies to protect against cyber threats, such as firewalls, intrusion...
-
Security Solutions Engineer
hace 6 días
Ciudad de México, Ciudad de México Security Bank & Trust Co. A tiempo completoThe role of a Security Solutions Engineer at Cover Genius involves enhancing the company's security posture through a rigorous understanding of information security standards and the development of security solutions. Key responsibilities include writing risk management policies, assessing and remediating cloud infrastructure security, assisting engineering...
-
Security Systems Engineer
hace 7 días
Ciudad de México, Ciudad de México Security Bank & Trust Co. A tiempo completoCover Genius is seeking a Security Systems Engineer responsible for enhancing the company's security posture. This involves writing Risk Management Framework-based policies, assessing and remediating cloud infrastructure security, and helping implement a "shift left" security culture. Required familiarity with cloud platforms, identity providers, and...
-
Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Stori Card - MX A tiempo completoYou will Design and cybersecurity controls for cloud architecture (Cloud, endpoints, AWS) Follow up on control development and implementation Perform assessments on infrastructure and application controls to ensure compliance with security policy and security architecture requirements Requirements Bachelor's Degree in Computer Science, Cyber Security,...
-
Sr Sentinelone Engineer
hace 6 días
Ciudad de México, Ciudad de México Nearshore Cyber A tiempo completoSenior SentinelOne EngineerLocation: Mexico (Remote/Work-from-Home)We are seeking a skilled and experienced Senior SentinelOne Engineer to join our team. As a Senior SentinelOne Engineer, you will be responsible for the design, implementation, and management of our endpoint security infrastructure using SentinelOne. This is a senior-level role for an...
-
DevSecOps Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Ford Motor Company A tiempo completoFord Motor Company Since 1903, we have helped to build a better world for the people and communities that we serve. Welcome to Ford Motor Company. View company page Ford Motor Company is an Equal Opportunity Employer, as we are committed with a diverse workforce, and do not discriminate against any employee or applicant for employment because of race,...
-
Sr. Support Engineer
hace 6 días
Ciudad de México, Ciudad de México Dell Technologies A tiempo completoSr. Support Engineer | VMware Automation (vRealize Automation | Aria) - HybridLocations: Mexico City, Mexico | Sao Paulo, Brazil | Eldorado Do Sul, BrazilEmployment Type: Full TimePosted: 2 Days AgoJob Requisition ID: R227594Lab Support Engineering is an essential part of a global team that offers 24/7 lab access and solutions support in multiple locations....
-
Senior Application Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Refinitiv A tiempo completoSenior Application Security Engineer page is loaded Senior Application Security Engineer Apply remote type Remote Job: Hybrid locations MEX-Distrito Federal-Reforma 26 time type Full time posted on Posted 3 Days Ago job requisition id JREQ177031 Senior Application Security EngineerAs a Senior Application Security engineer within Information Security and...
-
Senior Application Security Engineer
hace 6 días
Ciudad de México, Ciudad de México Refinitiv A tiempo completoSenior Application Security Engineer page is loaded Senior Application Security Engineer Apply remote type Remote Job: Hybrid locations MEX-Distrito Federal-Reforma 26 time type Full time posted on Posted 3 Days Ago job requisition id JREQ177031 Senior Application Security Engineer As a Senior Application Security engineer within Information Security...
-
Lead Security Solutions Engineer
hace 7 días
Ciudad de México, Ciudad de México dynaTrace software GmbH A tiempo completoAn excellent opportunity to be a key contributor to the exciting Dynatrace Security Solution journey. The individual will closely work with the broader solutions engineering team and security sales specialist team to drive the technical lane in opportunities and will be responsible for providing pre-sales technical support and expert guidance to the broader...
-
Sr Network Engineer
hace 7 días
Ciudad de México, Ciudad de México Zodient A tiempo completoSr Network EngineerMexicoSkills and Experience required: IT related degree qualification 5+ years IT related work experience Strong networking background with a focus on Cisco routers and switches hardware Extensive knowledge and experience of Core Routing and Switching design, configuration, and troubleshooting Routing protocols OSPF, EIGRP, BGP, ISIS WAN...
-
Azure Cloud Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Atos SE A tiempo completoPress Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced...
-
GCP Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Atos A tiempo completoAtos Atos is a global leader in digital transformation with 112,000 employees and annual revenue of c. € 11 billion. View company page Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading...
-
Senior Application Security Engineer
hace 7 días
Ciudad de México, Ciudad de México Tiger Text A tiempo completoSenior Application Security EngineerAs a Senior Application Security engineer within Information Security and Risk Management (ISRM) Product Security, you will join us on our mission to bring frictionless and continuous security to our engineering teams who build our products to securely Inform The Way Forward .We promise you won't be bored with all our bold...
-
Senior Application Security Engineer
hace 6 días
Ciudad de México, Ciudad de México Thomson Reuters A tiempo completoSenior Application Security Engineer As a Senior Application Security engineer within Information Security and Risk Management (ISRM) Product Security, you will join us on our mission to bring frictionless and continuous security to our engineering teams who build our products to securely "Inform The Way Forward". We promise you won't be bored with all...
-
Security Engineer II
hace 6 días
Ciudad de México, Ciudad de México Etsy, Inc. A tiempo completoCompany DescriptionEtsy is the global marketplace for unique and creative goods. We build, power, and evolve the tools and technologies that connect millions of entrepreneurs with millions of buyers around the world. As an Etsy Inc. employee, whether a team member of Etsy, Reverb, or Depop, you will tackle unique, meaningful, and large-scale problems...
-
Security Operations Engineer
hace 6 días
Ciudad de México, Ciudad de México Yuno A tiempo completoCOME JOIN US AT YUNO We are seeking a Security Operations Engineer to join our team. At Yuno we are looking to solve the complexity of the online payment's ecosystem. Allowing merchants and commerce to accept payments in an easy way, accessing a variety of payment services with just one integration and enabling end users to pay in an easy and secure way....
-
Data Engineer Sr. Remoto
hace 6 días
Ciudad de México, Ciudad de México Azka IT Consulting A tiempo completoAZKAIT es una empresa Mexicana que busca y conecta el mejor talento IT con empresas Latinoamericanas y de Estados Unidos.Estamos en la búsqueda de tu talento como Data Engineer Sr.Requisitos:Data Engineer Sr. RemotoComo Data Engineer Sr. participarás de manera remota en el análisis de datos, el despliegue de nuevas fuentes de reclamaciones y la...
-
Azure Cloud Security Engineer
hace 4 semanas
Ciudad de México, Ciudad de México Atos A tiempo completoEviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47...
-
Azure Cloud Security Engineer
hace 3 semanas
Ciudad de México, Ciudad de México Atos A tiempo completoEviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47...