Senior Security Engineer - Platform Engineer

View full description

Requirements:

• At least 5+ years of experience as an engineer with a Bachelor's degree; or 3 years of experience with an advanced degree; or 8+ years of relevant experience instead of a degree.
• Industry standard certifications like OSCP/OSCE/CEH, CISSP, CWAD.
• Experience or knowledge about Payments or Financial Services.
• 5+ years of experience in software security (AppSec).
• Expert-level knowledge of common web application vulnerabilities (OWASP Top 10).
• Knowledge in threat modeling methodologies such as STRIDE or PASTA.
• Developer-level proficiency in languages such as Python, Java, JavaScript, and Golang.
• Knowledge of cloud native technologies including containers, Kubernetes, and AWS, GCP, or Azure services.
• Experience with static analysis, dynamic analysis, and software composition analysis security tools.

Responsibilities:

• Perform and troubleshoot various application security tools into CI/CD pipeline.
• Conduct spot validations to test issues/fixes.
• Perform Design Reviews and Threat Modeling for products.
• Liaison with Bug Bounty programs and developer teams to track issues.
• Provide support to all phases of penetration tests and red team activities.
• Engage with Core Engineering leads to ensure timely risk remediation.
• Work closely with development teams to ensure security and infrastructure requirements.
• Define product security architecture strategies and procedures.
• Document operational procedures and current state architecture.
• Provide subject matter expertise to project teams.
• Provide on-call rotation support to relevant services and tooling.