Remoote.app

Work from anywhere. Start here.

JobsFree resume builderCompaniesLog in
Apply

Product Security Engineer

Posted 2024-11-07

View full description

πŸ’Ž Seniority level: Senior, Minimum 6 years of experience

πŸ“ Location: EU, APAC

πŸ” Industry: Software

🏒 Company: Hashgraph

⏳ Experience: Minimum 6 years of experience

πŸͺ„ Skills: Software DevelopmentJava

Requirements:
  • Minimum 6 years of experience in application or product security, including 2-3 years of experience in software development or related field.
  • Familiarity with common security vulnerabilities and attack vectors.
  • Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools.
  • Strong understanding of secure coding practices and principles (mainly Java and Solidity).
  • OSWA and/or CISSP certifications are mandatory - web3 experience can be considered as an alternative if these certifications haven't been obtained.
Responsibilities:
  • Conducting thorough security reviews of the company's products throughout the development lifecycle, including the design, implementation, and release phases.
  • Collaborating with cross-functional teams to identify security vulnerabilities and recommend mitigation strategies.
  • Developing and maintaining security testing methodologies and procedures.
  • Implementing and managing automated security testing tools and processes.
  • Providing guidance and support to development teams on secure coding practices and security best practices.
  • Staying current with industry trends and emerging threats to inform and enhance product security measures.
  • Assisting in incident response activities related to product security incidents.
  • Participating in security awareness training programs for internal stakeholders.
Apply

Related Jobs

Apply
πŸ”₯ Senior Staff Product Security Engineer
Posted 2024-11-07

πŸ“ Slovakia, Czechia

πŸ” Cybersecurity

🏒 Company: SentinelOne

  • Minimum of 5 years of experience in product security or a related field.
  • Strong understanding of security principles, vulnerabilities, and attack vectors.
  • Proven experience in conducting threat modeling and risk assessments.
  • Experience working with SAST, SCA, DAST, IAST, and IaC tools.
  • Experience with secure coding practices and security testing methodologies.
  • Experience in incident response and remediation processes.
  • Excellent communication and collaboration skills.
  • Ability to work independently and as part of a team.
  • Strong analytical and problem-solving skills.
  • Passion for security and a desire to make products secure.
  • Experience in cloud security and containerization technologies.
  • Agile development environment experience.
  • Security certifications like CISSP, CISA, or CEH.

  • Identify potential security threats and vulnerabilities in products, applications, and infrastructure through threat modeling and risk assessment.
  • Review and contribute to the design of secure systems considering technical and business requirements.
  • Conduct thorough code reviews and implement security testing methodologies to identify and address software vulnerabilities.
  • Lead the investigation and response to security incidents, including vulnerability patching and forensics.
  • Develop and implement security awareness programs for stakeholders.
  • Continuously research and stay updated on emerging security vulnerabilities and best practices.
  • Collaborate with cross-functional teams to communicate security risks and solutions effectively.
  • Contribute to the development of security policies and procedures.
  • Develop and implement security automation tools.

DockerLeadershipAgileCloud ComputingCybersecurityKubernetesProduct ManagementCross-functional Team LeadershipCommunication SkillsAnalytical SkillsCollaborationCI/CD

Posted 2024-11-07
Apply
Apply
πŸ”₯ Principal Product Security Engineer (International)
Posted 2024-10-15

πŸ“ Poland, Portugal, Romania, Spain, France

πŸ” Security technology

🏒 Company: Unchained Capital, Inc.

  • 10+ years of experience in product/application security, security architecture, or security engineering roles, including leadership experience
  • Deep hands-on technical expertise in secure development practices, cloud-native security architectures, threat modeling, and modern application security vulnerabilities and mitigations
  • Strong experience with authentication protocols, cryptography, secrets management, and other foundational application security concepts
  • Proven track record of building and scaling effective product security programs and teams
  • Exhibits strong leadership skills and ability to set technical vision and direction
  • Strong sense of ownership, urgency, and drive
  • Analytical mindset with excellent problem-solving skills
  • Team player with strong collaboration, communication, and influencing skills
  • Comfortable diving deep into technical details while maintaining strategic perspective
  • Adaptable and embraces change and continuous learning

  • Provide strategic technical guidance to the Unchained Information Security team
  • Establish security architecture standards and promote secure design practices
  • Conduct in-depth application threat modeling and risk assessments
  • Develop and enforce secure coding guidelines, static code analysis (SAST), dynamic testing (DAST), and secure build/deploy pipelines
  • Design and oversee the implementation of robust security controls for authentication, authorization, cryptography, key management, and secrets management
  • Proactively identify and mitigate OWASP Top 10 and other application security risks
  • Collaborate with engineering teams to integrate effective security controls and testing into their SDLC
  • Manage and influence senior-level stakeholder relationships, including security technology, engineering, and operations
  • Drive innovation and strategic thinking to proactively tackle emerging security challenges at the company's scale

LeadershipSoftware DevelopmentBlockchainCybersecuritySoftware ArchitectureCross-functional Team LeadershipCommunication SkillsAnalytical SkillsCollaboration

Posted 2024-10-15
Apply
Apply
πŸ”₯ Senior Product Security Engineer
Posted 2024-09-06

πŸ“ EU or APAC

🧭 Full-Time

πŸ” Software, Blockchain technology

🏒 Company: Hashgraph

  • Bachelor's or Master's degree in Computer Science, Information Security, Blockchain, Cryptography, or related field (or equivalent experience).
  • 8+ years of experience in product security, application security, or penetration testing.
  • 2+ years of experience in blockchain security, smart contract auditing, or related roles.
  • Proficiency in smart contract languages such as Solidity or Rust and familiarity with blockchain platforms like Ethereum; knowledge of the Hedera Blockchain is a plus.
  • Strong understanding of web3 technologies and protocols (e.g., Gossip, Ethereum, IPFS, Whisper).
  • Experience with security assessment tools and methodologies specific to blockchain environments.
  • Familiarity with common blockchain security vulnerabilities and attack vectors.
  • Knowledge of cryptographic principles and protocols relevant to blockchain security.
  • Excellent problem-solving skills and ability to analyze complex systems.
  • Effective communication skills and ability to work collaboratively with cross-functional teams.
  • Hands-on experience with security testing tools such as static analysis, dynamic analysis, and fuzzing tools.
  • OSWA and/or CISSP certifications are mandatory.

  • Conducting comprehensive security assessments of blockchain-based systems, focusing on web3 security and smart contract security.
  • Writing malicious smart contracts to exploit and identify vulnerabilities in the Hedera blockchain.
  • Developing and implementing security strategies and best practices for the Hedera blockchain protocols.
  • Collaborating with development teams to integrate security measures into the design and implementation of blockchain solutions.
  • Designing and executing penetration testing and vulnerability assessments on blockchain networks and associated components.
  • Staying updated on emerging threats and vulnerabilities in the blockchain space and providing guidance on mitigation strategies.
  • Educating internal stakeholders on blockchain security best practices and principles.
  • Contributing to the development of security tools and frameworks tailored for blockchain environments.
  • Assisting in incident response activities related to blockchain security incidents.
  • Participating in security awareness training programs for internal stakeholders.

BlockchainEthereumRustCommunication SkillsProblem Solving

Posted 2024-09-06
Apply