Staff Security Engineer

This is a fully remote position, open to applicants in India.

📋 Description

• Perform threat modeling and provide training for engineers on threat modeling techniques and standard evaluation practices to identify and prioritize potential vulnerabilities while defining possible mitigations.

• Create, document, and uphold the security standards and design patterns utilized by engineers to ensure consistent and secure code and features.

• Investigate the threat landscape, regulatory considerations, and customer requirements pertinent to Outreach’s business, and propose solutions to address both known and potential threats by establishing and applying suitable security requirements.

• Proficient in using Wiz, Snyk, or similar tools to detect and manage vulnerable dependencies, with strong expertise in Software Composition Analysis (SCA) and Static Application Security Testing (SAST) tools, and their integration into the software development lifecycle.

• Promote strong collaboration across the company by nurturing a close partnership between security and engineering teams, aimed at enhancing customer trust in Outreach and its products.

⛳️ Requirements

• At least 3 years of experience as a senior or principal application security engineer or architect.

• Extensive experience in application security programs, including threat modeling, secure coding best practices, detecting vulnerabilities and secrets in code, and facilitating remediations in a cloud-native SaaS environment.

• Knowledge of contemporary application security challenges and mitigation strategies is critical.

• Experience in creating reference architectures, engineering specifications, and data flow diagrams. Familiarity with customer-facing content is advantageous.

• Experience conducting code reviews to uncover security vulnerabilities.

• Demonstrated success collaborating with engineers and technologies in cloud-native, DevOps environments (including CI/CD pipelines, microservices, and infrastructure as code).

• Proven ability to partner and collaborate with engineers, producing formal documentation to communicate program effectiveness to leadership.

• Experience in evaluating and implementing third-party tools and services to support a robust Software Development Life Cycle (SDL) program.

• Experienced in mentoring and training others in application security principles and practices.

• Excellent interpersonal and management capabilities.

• Strong written and verbal communication skills. Experience interacting with customers or customer-facing teams is a plus.

• Capacity to work independently and adapt flexibly to thrive within Outreach’s dynamic culture.

🏝️ Benefits

• Highly competitive salary

• 25 days of annual vacation time plus sick time and casual leave

• Group medical policy coverage available for employees and up to 5 eligible family members

• OPD benefit covered up to INR 10,000

• Life insurance and personal accident insurance equivalent to 3x annual CTC

• 26 weeks of paid maternity leave and 15 days of paid paternity leave

• Opportunity to participate in company success through the RSU program

• Diversity and inclusion initiatives that support employee resource groups like OWN+ (Outreach Women's Network), Adelante (Latinx community), OBX (Outreach Black Connection), Mosaic (AAPI community), Pride (LGBTQIA+), Gender+, Disability Community, and Veterans/Military

• Employee referral bonuses to encourage bringing great new talent to the team

• Enjoyable company and team outings because we believe in working hard and playing hard