Product Security Engineer

Posted:
11/4/2024, 5:40:37 AM

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Hybrid

We're revolutionizing the fitness & wellness industry, and we’re looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry’s most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we’re partnering with more than 70,000 fitness studios, gyms, salons, and spas around the world. We’re not just another tech company—we’re far and away the leader of our industry. So join the team, work with mission-led people, and enjoy amazing benefits. Let’s see what we can accomplish together! 

Who we are 

 We are a dedicated team of product security engineers committed to developing and supporting ground-breaking software products. Together we will work to safeguard the future, enabling wellness businesses worldwide to empower their customers to lead healthy lives. Driven by a higher purpose, we continuously challenge ourselves and our organization to excel, recognizing the strength that comes from collaborative efforts toward a common objective. We are strong advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the core of our achievements is a deep belief in the value of our people. If you share our passion and vision, we invite you to consider joining our team. Together, we can explore remarkable feats and make a lasting impact!  

 

Your role  

As a Security Architect, you will be responsible for contributing to the success of the Product Security team in several key areas.  You’ll work to reduce security friction across engineering by fostering partnership and collaboration to enhance our security posture.  Security enablement will be a crucial aspect of your responsibilities involving research, secure architecture, and design.  You’ll play a vital role to ensure solutions are secure by default.  You will facilitate continuous security testing, measurability, and reporting on the impact of security initiatives.   

You’ll pursue continuous improvement to help Mindbody achieve its mission: Powering the world’s fitness and wellness businesses and connecting them with more consumers, more effectively, than anyone else. 
 

You will 

  • Partner with engineering and platform teams to identify and solve complex security problems. 
  • Contribute to the vision and roadmap to increase the security posture of our code and products.  
  • Conduct security reviews of product designs, code, and configurations to minimize software risk. 
  • Conduct comprehensive threat modeling exercises and testing to identify security risks and vulnerabilities while collaborating with product teams. 
  • Identify security gaps and provide strategic recommendations for remediation. 
  • Address security issues identified throughout the secure software development lifecycle.  
  • Conduct security testing beginning from the product planning phase continuing through production deployment. 
  • Lead in the research, development, and implementation of new product security capabilities.  
  • Develop and implement quantifiable application risk assessments of Mindbody and ClassPass products and infrastructure.  
  • Scale the impact of Cyber Security by contributing and leading various Security Champion Initiatives.  
  • Define and implement security requirements ensuring alignment with industry standards and best practices.  
  • Ability to work independently, and lead both cyber security and cross functional security initiatives. 
  • Stay abreast of emerging security threats, vulnerabilities and controls. 

 

About the right team member 

You are an intellectually curious architect who is passionate about creating impactful security solutions and who is excited to share them with others using your excellent verbal and written communication skills. You are a cloud security, application security, and network security expert. You have previous software experience and are eager to apply those skills to grow Product Security while working with fellow team members, security champions, company leadership and others across the broader Product Development and Engineering organization.   

 

You will thrive in this role with experience 

  • 7+ year experience across multiple security domains with an emphasis on product security and cloud-native security.   
  • 4+ year security architecture experience executing product security initiatives (i.e. secure architecture, SSDLC, threat models, and risk assessments). 
  • Expert knowledge of modern web application components, development, architecture, and design principles. 
  • Hands-on experience with design, code review, and securing products and solutions for public cloud-based applications and infrastructure. 
  • Experience architecting and developing product-centric security solutions. 
  • Expert knowledge securing internal microservices and public API’s. 
  • Experience securing applications deployed using Docker, Kubernetes, and public cloud environments. 
  • Product Security experience working for a SaaS-based organization. 
  • Excellent leadership and project management skills, with a track record of driving security initiatives within software development teams. 
  • Excellent communication skills (both written and verbal).  
  • Self-motivated, self-directed, and self-organized. 

 
Nice to have experience 

  • SAST, SCA, DAST, WAF, and CNAPP solutions.  
  • Offensive testing tools like Burp Suite and Kali Linux. 
  • Penetration testing. 

 

 

Have we piqued your curiosity?

Sound like the role for you? We’d love to hear from you! Even if you’re not 100% sure about potential fit, we still encourage you to apply. We’re looking for the right person, not the perfect series of checkboxes.

Mindbody is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.

By entering your email and phone number and submitting your application, you consent to receive emails, calls and SMS about your application and other roles at Mindbody, including by auto-dialer. Message and data rates may apply. Opt-out or text STOP to cancel at any time. If you are a California resident or reside outside the United States then by submitting your application you confirm that you have read, understood, agree and - where applicable - grant your prior, free, informed and express consent for the processing of your personal information, including sensitive personal information, as described in our California Applicant Privacy Notice or International Applicant Privacy Notice (as applicable).