Security Engineer – Product

📋 Description

• Collaborate with the Engineering team to integrate security throughout the software development lifecycle, encompassing threat modeling, secure design assessments, and security requirements.

• Evaluate findings from application security tools, then provide direction for remediation through well-defined priorities and actionable solutions.

• Establish and uphold secure-by-default practices for developers, which include libraries, templates, and CI checks.

• Enhance supply chain security within build and release processes, focusing on signing, provenance, and policy enforcement.

• Support teams in delivering secure modifications swiftly by making security guidance straightforward, repeatable, and user-friendly.

⛳️ Requirements

• Over 3 years of professional experience in product security, application security, or a comparable engineering security position.

• Solid understanding of application security principles and awareness of common vulnerability types.

• Practical experience in securing CI/CD workflows, such as GitHub Actions, GitLab CI, or similar platforms.

• Knowledge of contemporary security tools, including SAST, SCA, dependency scanning, and secret scanning.

• Capability to work effectively with engineers, articulate trade-offs clearly, and facilitate secure changes through the delivery process.

• Experience utilizing AI tools to enhance security workflows, boost developer productivity, or increase engineering velocity.

• Proficiency in programming with a general-purpose language, particularly Go or Python.

🏝️ Benefits

• Offers Equity

• Offers Bonus