Principal Product Security Engineer

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

365id

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2015

🔒 Cybersecurity

📋 Compliance

💳 Fintech

Cybersecurity • Compliance • Fintech

365id is a company that specializes in market-leading ID verification solutions aimed at preventing fraud, ensuring compliance, and enhancing customer experience across various industries. Their services include real-time verification of ID documents through easy-to-use scanners and software, designed to streamline the customer onboarding process while meeting legal requirements. Trusted by banks, car rental companies, hotels, and many others, 365id focuses on providing secure, reliable, and efficient identity verification solutions that can easily integrate into existing business systems.

📋 Description

• Own and mature the product security program, including security review processes, secure development standards, risk prioritization, vulnerability remediation practices, and engineering enablement. • Lead security architecture reviews and secure design initiatives across backend services, web applications, mobile applications, APIs, and remote devices. • Review source code and application architecture to identify security vulnerabilities, insecure patterns, and operational risks. • Partner closely with Engineering, DevOps, QA, Infrastructure, and Product teams to integrate security into the software development lifecycle. • Establish and enforce secure coding standards, development guidelines, and security best practices. • Mentor and guide software engineers on secure development practices and remediation strategies. • Perform threat modeling and risk assessments for new and existing products and infrastructure. • Assist in incident response investigations, root cause analysis, and remediation planning. • Evaluate third-party libraries, frameworks, and dependencies for security and operational risks. • Collaborate with DevOps and Infrastructure teams on cloud security, CI/CD security, secrets management, and system hardening. • Drive vulnerability management efforts, including prioritization, remediation guidance, and validation. • Help define and implement logging, monitoring, and security alerting strategies. • Partner with external security consultants and vendors on penetration testing and security assessments. • Promote a security-first engineering culture across the organization.

🎯 Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience. • 7+ years of experience in software engineering, application security, product security, or cybersecurity engineering. • Strong understanding of secure application architecture and modern security practices for web, mobile, cloud, and distributed systems. • Hands-on experience reviewing source code and identifying security vulnerabilities. • Experience with OWASP Top 10, secure coding standards, authentication/authorization models, API security, and vulnerability remediation. • Experience securing cloud-native environments in AWS, Azure, or GCP. • Strong understanding of CI/CD pipelines, DevSecOps practices, container security, and infrastructure security. • Experience with threat modeling, penetration testing coordination, and incident response processes. • Ability to mentor engineers and influence technical direction across multiple teams. • Strong analytical, communication, and leadership skills.

🏖️ Benefits

• Health insurance • Flexible work arrangements • Professional development