Principal Product Security Engineer

Vaga não está no LinkedIn

🕒 2 dias atrás

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

365id

SiteLinkedInTodas as Vagas

11 - 50 funcionários

Fundada em 2015

🔒 Cibersegurança

📋 Conformidade

💳 Fintech

Cybersecurity • Compliance • Fintech

A 365id é uma empresa especializada em soluções de verificação de ID líderes de mercado, voltadas para prevenir fraudes, garantir compliance e aprimorar a experiência do cliente em diversos setores. Seus serviços incluem a verificação em tempo real de documentos de identificação por meio de scanners e software fáceis de usar, projetados para agilizar o processo de onboarding de clientes enquanto atendem aos requisitos legais. Confiada por bancos, locadoras de veículos, hotéis e muitos outros, a 365id foca em oferecer soluções de verificação de identidade seguras, confiáveis e eficientes, que se integram facilmente aos sistemas empresariais existentes.

Descrição

• Own and mature the product security program, including security review processes, secure development standards, risk prioritization, vulnerability remediation practices, and engineering enablement. • Lead security architecture reviews and secure design initiatives across backend services, web applications, mobile applications, APIs, and remote devices. • Review source code and application architecture to identify security vulnerabilities, insecure patterns, and operational risks. • Partner closely with Engineering, DevOps, QA, Infrastructure, and Product teams to integrate security into the software development lifecycle. • Establish and enforce secure coding standards, development guidelines, and security best practices. • Mentor and guide software engineers on secure development practices and remediation strategies. • Perform threat modeling and risk assessments for new and existing products and infrastructure. • Assist in incident response investigations, root cause analysis, and remediation planning. • Evaluate third-party libraries, frameworks, and dependencies for security and operational risks. • Collaborate with DevOps and Infrastructure teams on cloud security, CI/CD security, secrets management, and system hardening. • Drive vulnerability management efforts, including prioritization, remediation guidance, and validation. • Help define and implement logging, monitoring, and security alerting strategies. • Partner with external security consultants and vendors on penetration testing and security assessments. • Promote a security-first engineering culture across the organization.

🎯 Requisitos

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience. • 7+ years of experience in software engineering, application security, product security, or cybersecurity engineering. • Strong understanding of secure application architecture and modern security practices for web, mobile, cloud, and distributed systems. • Hands-on experience reviewing source code and identifying security vulnerabilities. • Experience with OWASP Top 10, secure coding standards, authentication/authorization models, API security, and vulnerability remediation. • Experience securing cloud-native environments in AWS, Azure, or GCP. • Strong understanding of CI/CD pipelines, DevSecOps practices, container security, and infrastructure security. • Experience with threat modeling, penetration testing coordination, and incident response processes. • Ability to mentor engineers and influence technical direction across multiple teams. • Strong analytical, communication, and leadership skills.

🏖️ Benefícios

• Health insurance • Flexible work arrangements • Professional development