Sr. Product Security Engineer (Privacy specialty)

April 18

Incode Technologies

WebsiteLinkedInAll Job Openings

Powering a world of trust

Mobile Security • KYC • AML • B2B • Identity Management

51 - 200

💰 $220M Series B on 2021-12

Description

• We seek a trustworthy and proactive Senior Product Security Engineer (Privacy specialty) to be the technical thought leader and driver of a paved-road, holistic product security program. • Partner with engineering and product management teams to perform threat modeling, architecture & design, and code reviews. • Provide hands-on remediation guidance to development teams and design security architecture, features and controls that keeps our customers' data safe and preserves their privacy. • Build a security paved road through automation and tooling (SAST, SCA, MAST, IaC, DAST, Fuzzing, etc.) into the SDLC and CI/CD integrations that enables our developers to easily produce secure software. • Define, architect, build, improve and validate secure software supply chain and build provenance mechanisms. • Manage, triage, and provide support to external researchers in our vulnerability disclosure and bug bounty programs. • Provide proof of concept exploits, facilitate vulnerability remediation, and drive adherence to software security standards through policy as code.

Requirements

• Deep expertise in at least one domain: web application and browser security, mobile application security, applied cryptography, machine learning and artificial intelligence security, offensive security, cloud security, hardware security. • Experience in software engineering, infrastructure engineering, site reliability engineering, or offensive security for a SaaS product company. • Experience with a variety of security tooling, to include: SAST, DAST, SCA, IaC Scanning, Image and Container Scanning, MAST, IAST, and offensive security and proxy tooling. • Deep expertise with common application security flaws, security controls, and common security libraries and identifying security issues through code review, threat modeling, penetration testing, and other techniques manually and with tools. • You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership. • Extensive experience in SaaS product development and security space; securing complex interconnected web and mobile applications and their architectures using Python, Javascript, Swift, Java, C++, Kotlin, or any other modern language. • You enjoy collaborating cross-functionally to accomplish shared goals, and you care about learning, growing, and helping others to do the same.

Benefits

• Meaningful Equity • Flexible Working Hours & Workplace • Open Vacation Policy • Wellness Program • International Travel Opportunities • Additional benefit package according to location (401k, medical insurance, etc.)