Overview

As a Product Security Engineer you will be responsible for ensuring that company & customer data is secure at all times. You will be building & maintaining modern security tools, controls & services. We’re a small team, so the role is a hybrid of engineering work along with vulnerability and risk management, with a focus on automation and collaboration with our wider Technology team to drive secure development processes within our software development life cycle.
Client:

Project Overview:

Responsibilities:
  • Contribute to the development of the product security roadmap and strategy
  • Boost, build,and innovate upon our security tools in our DevOps pipeline/processes
  • Educate and empower those around you on security topics, helping to increase understanding of security issues and how to prioritize and remediate them
  • Design preventative and/or detective controls for specific security issues alongside our engineering teams within an agile environment
  • Drive security testing (individually, with third parties, and by encouraging adoption within engineering teams) of our products using both structured and explorative approaches, helping to identify vulnerabilities earlier in our product lifecycle
  • Provide SME support during incidents and crisis management meetings

Required Qualifications:
  • Great communication skills, both verbal and written
  • Strong knowledge of application security best practices (such as OWASP)
  • Familiarity with cloud infrastructure (such as AWS, Azure, or Google Cloud)
  • Strong grasp of infrastructure-as-code and configuration tools (such as Terraform or AWS CloudFormation) for the purpose of deploying security tooling
  • Knowledge of extracting metrics and events from security tooling
  • Experience working with and securing microservices, and API’s
  • Advanced understanding of secure coding principles, the Secure Development Lifecycle, and how to drive acceptance and integration into engineering teams
  • Experience implementing and managing SAST and/or DAST within a CI/CD environment
  • Understanding of security tools such as WAFs, and vulnerability scanning tools
  • Understanding of cryptography, authentication, and authorization

Please note: Our intelligent job search engine discovered this job and republished it for your convenience. Please be aware that the job information may be incorrect or incomplete. The job announcement remains the property of its original publisher. To view the original job and its full details, please visit the job's URL on the owner’s page.

Please clearly mention that you have heard of this job opportunity on https://ijob.am.