Senior Product Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
As a Senior Application Security Engineer working remotely from eastern US/Canada or remotely from the UK or in our Bristol, UK office where you will gain invaluable experience at a visionary identity security company. The position requires a passion for application security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment, excellent communications skills, and attention to latest security best practices.
You will:
● Own multiple Security Engineering assignments working with Ping Identity products, processes and tooling
● Provide technical leadership and mentor other Product Security Engineers
● Assist in proposing, developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams
● Work with the product teams to perform architectural, security design/code reviews, vulnerability assessment and management
● Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, building custom tools and automation, and exploit development.
● Innovate in all aspects of automation of SSDLC tasks including use of Generative AI
● Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
● Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product
You have:
● 4+ years of proficiency in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security
● 4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience
● Exceptional problem-solving skills, curiosity about the inner workings of systems and showing attention to details and documentation
● Excellent written and oral communication skills
You have an advantage if you have:
● Experience with Linux environments, administration, security, internals
● Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking)
● Experience in securing machine learning or generative AI platforms
● Experience with CI/CD cloud deployment in Amazon AWS, Azure or Google Cloud Platform
● Security certifications such as CISSP, CSSLP, GIAC, OSCP
Hiring Range: $155,000 - $175,000
In accordance with Colorado’s Equal Pay for Equal Work Act (SB 19-085) the approximate compensation range for this role in Colorado is listed above. Final compensation for this role will be determined by various factors, such as knowledge, skills, and abilities.
About the job
Senior Product Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
As a Senior Application Security Engineer working remotely from eastern US/Canada or remotely from the UK or in our Bristol, UK office where you will gain invaluable experience at a visionary identity security company. The position requires a passion for application security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment, excellent communications skills, and attention to latest security best practices.
You will:
● Own multiple Security Engineering assignments working with Ping Identity products, processes and tooling
● Provide technical leadership and mentor other Product Security Engineers
● Assist in proposing, developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams
● Work with the product teams to perform architectural, security design/code reviews, vulnerability assessment and management
● Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, building custom tools and automation, and exploit development.
● Innovate in all aspects of automation of SSDLC tasks including use of Generative AI
● Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
● Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product
You have:
● 4+ years of proficiency in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security
● 4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience
● Exceptional problem-solving skills, curiosity about the inner workings of systems and showing attention to details and documentation
● Excellent written and oral communication skills
You have an advantage if you have:
● Experience with Linux environments, administration, security, internals
● Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking)
● Experience in securing machine learning or generative AI platforms
● Experience with CI/CD cloud deployment in Amazon AWS, Azure or Google Cloud Platform
● Security certifications such as CISSP, CSSLP, GIAC, OSCP
Hiring Range: $155,000 - $175,000
In accordance with Colorado’s Equal Pay for Equal Work Act (SB 19-085) the approximate compensation range for this role in Colorado is listed above. Final compensation for this role will be determined by various factors, such as knowledge, skills, and abilities.