Principal Product Security Engineer

Stelle nicht auf LinkedIn

🕒 vor 6 Tagen

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

365id

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

Gegründet 2015

🔒 Cybersecurity

📋 Compliance

💳 Fintech

Cybersecurity • Compliance • Fintech

365id ist ein Unternehmen, das sich auf marktführende Lösungen zur Identitätsprüfung spezialisiert hat, um Betrug zu verhindern, die Einhaltung von Vorschriften sicherzustellen und das Kundenerlebnis in verschiedenen Branchen zu verbessern. Ihre Dienstleistungen umfassen die Echtzeitverifikation von Ausweisdokumenten durch einfach zu bedienende Scanner und Software, die darauf ausgelegt sind, den Kunden-Onboarding-Prozess zu optimieren und gleichzeitig gesetzliche Anforderungen zu erfüllen. Vertraut von Banken, Autovermietungen, Hotels und vielen anderen, konzentriert sich 365id darauf, sichere, zuverlässige und effiziente Lösungen zur Identitätsprüfung bereitzustellen, die sich leicht in bestehende Geschäftssysteme integrieren lassen.

Beschreibung

• Own and mature the product security program, including security review processes, secure development standards, risk prioritization, vulnerability remediation practices, and engineering enablement. • Lead security architecture reviews and secure design initiatives across backend services, web applications, mobile applications, APIs, and remote devices. • Review source code and application architecture to identify security vulnerabilities, insecure patterns, and operational risks. • Partner closely with Engineering, DevOps, QA, Infrastructure, and Product teams to integrate security into the software development lifecycle. • Establish and enforce secure coding standards, development guidelines, and security best practices. • Mentor and guide software engineers on secure development practices and remediation strategies. • Perform threat modeling and risk assessments for new and existing products and infrastructure. • Assist in incident response investigations, root cause analysis, and remediation planning. • Evaluate third-party libraries, frameworks, and dependencies for security and operational risks. • Collaborate with DevOps and Infrastructure teams on cloud security, CI/CD security, secrets management, and system hardening. • Drive vulnerability management efforts, including prioritization, remediation guidance, and validation. • Help define and implement logging, monitoring, and security alerting strategies. • Partner with external security consultants and vendors on penetration testing and security assessments. • Promote a security-first engineering culture across the organization.

🎯 Anforderungen

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience. • 7+ years of experience in software engineering, application security, product security, or cybersecurity engineering. • Strong understanding of secure application architecture and modern security practices for web, mobile, cloud, and distributed systems. • Hands-on experience reviewing source code and identifying security vulnerabilities. • Experience with OWASP Top 10, secure coding standards, authentication/authorization models, API security, and vulnerability remediation. • Experience securing cloud-native environments in AWS, Azure, or GCP. • Strong understanding of CI/CD pipelines, DevSecOps practices, container security, and infrastructure security. • Experience with threat modeling, penetration testing coordination, and incident response processes. • Ability to mentor engineers and influence technical direction across multiple teams. • Strong analytical, communication, and leadership skills.

🏖️ Vorteile

• Health insurance • Flexible work arrangements • Professional development