We are actively seeking Product Security Engineers to join our team. As part of our Security Engineering team, you will be responsible for enabling Secure Product release at the speed of the development team, and continuously improving on premise and SaaS security posture. The role will serve as a Security specialist in the areas of secure design, cloud security, data protection, access management, security automation, working with development teams & cloud infrastructure teams side by side and resolving  security issues. 

You will also ensure we’re in lock step with product engineering and develop our security services to improve security across the products. Engaging with other teams and communicating with stakeholders will be a regular part of the job. We’re looking for an individual who’s motivated by solving security challenges, enjoys development & automation and problem-solving.

Responsibilities

• Core software development of security services, resolving security design & code related issues
• Supporting security patching and maintaining a clean base os images 
• Perform Threat Modeling and Pen Testing of system services and cloud Infrastructure & services
• Conduct assessments of security controls, cloud configurations and continuous verification
• Work with Cloud Infrastructure to  team to Implement security controls monitoring, cloud security configurations and continuous verification
• Identify and effectively communicate architectural vulnerabilities with supporting risk statements and realistic mitigation options to stakeholders.
• Monitor security sources for vulnerability announcements and remediations, and create patches

Must Have's

• B.S. or M.S. in Computer Science, Electrical Engineering or related experience
• 6 to 10 years of experience in Security Engineering, including core development, infrastructure security, working & deploying services in SaaS 
• Hands-on coding skills in at least one of the following languages: Python & Golang
• Solid experience with security tooling and best practices for implementation in development pipelines and infrastructure.
• Experience with Application Security Testing, Penetration testing, Security event management, vulnerability management, threat modeling, and threat management systems 
• Deep understanding of Linux systems security & container security is a must 
• Deep understanding of Cloud Security fundamentals (Cloud networks and Cloud-based Systems), including key management, IAM roles and Cloud security controls
• Hands one working experience in architecting/operating solutions and security frameworks built on AWS  &  Azure
• Experience in implementing Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) is a plus
• An interest and desire to stay abreast of emerging security threats, vulnerabilities, and controls
• Experience working in a regulated environment (SOC, FedRamp, HIPAA, etc.)