Senior Product Security Engineer

B.S. in Computer Science, Cyber Security or a related field. 5+ years of experience in cloud security engineering with a focus on application/product security. Deep understanding of OWASP Top 10, secure coding, threat modeling, authentication/authorization, cryptography, and cloud-native application security. Strong grasp of NIST CSF and other regulatory frameworks. Experience with Data Governance and Privacy. Experience with tools like SAST/DAST, SCA, container security. Experience with languages like Python and JavaScript. Strong communication and collaboration skills.

Define and implement product and application security strategies throughout the SDLC. Collaborate with teams to design secure architectures for applications. Integrate security best practices into CI/CD pipelines and conduct secure code reviews/threat modeling. Lead and perform penetration testing, code analysis, and security reviews. Develop and maintain automated security testing tools and workflows. Lead investigation and remediation of security incidents related to products. Support compliance initiatives like SOC2, ISO27001, etc. Educate engineers on secure development practices and act as a liaison between security and engineering.