Senior Product Security Engineer

Posted 2024-11-21

💎 Seniority level: Senior, 5+ years

📍 Location: United States

💸 Salary: 188000 - 230000 USD per year

🔍 Industry: Mental health care technology

🗣️ Languages: English

⏳ Experience: 5+ years

🪄 Skills: AWSPythonKafkaTypeScriptFastAPIPostgresProduct designRedisReactSpark

5+ years of experience in security and/or software engineering roles.
Demonstrated history of working on security-related projects.
Strong cross-functional experience with team collaboration.
Technical depth in building secure platforms and products.
Ability to tackle ambiguous problems in a fast-paced environment.
Focus on innovation in security and privacy technologies.
Results-driven and motivated by the mission to increase access to quality mental health care.

Partner with Product and Engineering for secure new product launches.
Engage in implementation efforts, security reviews, product design decisions, and auditing vulnerabilities.
Develop automated tooling for product security capabilities.
Define application guardrails for secure development practices.
Assist in ongoing security operations, including incident response and vulnerability management.

Posted 2024-10-18

📍 USA

💸 127500 - 230000 USD per year

🏢 Company: Navan

Proven experience performing threat modeling and architecture reviews for complex applications.
Experience delivering critical org-wide product security initiatives.
Experience performing application, cloud, and mobile penetration testing.
6-8 years of Technical Product Security related experience.
Ability to execute in multifaceted technical organizations.
Experience with Agile development and cloud environments like AWS.
Familiarity with application security testing tools, CI tools, and defect tracking systems.
In-depth knowledge of application/network protocols, cryptographic primitives, and security threats.

Act as the tech lead for high-priority product security initiatives.
Be a key advisor to the overall strategy and roadmap of the Product Security Program.
Participate in expanding/maturing the Navan S-SDLC program.
Review product designs for security defects, perform threat modeling and recommend remediations.
Work with engineers to identify tradeoffs of different solutions.
Design and develop security tools and processes for development teams.
Assist in developing custom Security as Code solutions.
Provide training and guidance to development teams in the SSDLC.

AWSDockerAgileHibernateCSSJavaJavascriptJenkinsKubernetesSpringJavaScriptJiraStrategyJava SpringAngularCommunication Skills

Posted 2024-10-18

Posted 2024-07-27

📍 United States

🧭 Full-Time

💸 150000 - 200000 USD per year

🔍 Financial Technology

Deep understanding of web application architecture and design principles.
Experience with modern software development techniques for cloud-based services; preferred languages include Python, Kotlin, Java, as well as AWS and Azure.
Knowledge of common security flaws as per OWASP and SANS.
Experience with PCI or other regulated environments.
Experience in threat modeling for complex distributed products.
Familiarity with standard authentication mechanisms like SAML and OAuth2.
Understanding of continuous integration and deployment processes and tools.
BS or equivalent in a related field; MS or equivalent preferred.

Partner with Affirm product teams to ensure security in all phases of product development.
Conduct threat modeling and architecture reviews to mitigate understood threats.
Review product source code for vulnerabilities and recommend secure implementations.
Identify opportunities for automation in processes.
Detect and develop solutions for emerging classes of vulnerabilities.
Assist teams in security-focused test cases to meet security requirements.
Advise on business security requirements early in product development.
Decompose projects into tasks, manage scope, and drive project closure.

AWSPythonSoftware DevelopmentJavaKotlinProduct DevelopmentAzure

Posted 2024-07-27

🔧 Requirements