Security Engineer designing and implementing security measures to protect Snap Inc.'s infrastructure. Collaborating across teams while focusing on threat detection and response strategies.
About the role
- Principal Engineer for Product Security at commercetools ensuring secure development and implementation of security practices across product teams.
Responsibilities
- Formulate, evangelise, and drive adoption of the product security strategy
- Assess, advise on, and increase the security maturity posture
- Create a standardised security architecture and operational best practices
- Help track and drive remediation of security and technology risks
- Educate product teams on risk assessments, threat modelling, and building secure api-first applications
- Review requirements and designs to help product teams address shortcomings
- Embed security tooling into the development process
- Contribute to the review of external penetration tests and help teams prioritise fixes
- Collaborate with product teams to improve overall security and resolve specific issues
- Facilitate or lead customer conversations regarding product security
- Triage and investigate new attack vectors to determine risk mitigation
- Drive security and quality initiatives across the organization and support certification audits
- Collaborate with Product Management, Principal Engineers, and legal/compliance teams
- Identify skills gaps and facilitate knowledge sharing across the organization
Requirements
- A strong technical background and 5+ years of proven track record in hands-on Product Security
- 2+ years of experience improving Product Security in a leadership role
- Experience with customer-facing security roles and influencing roadmaps in matrix organizations
- Experience in a scale-up environment with ambitious and competing priorities
- Expertise in formulating, elaborating, and clarifying requirements or priorities
- Experience with Secure Architecture design reviews and Threat Modeling
- Experience infusing security into various levels of the SDLC
- Experience with Static Analysis and Secure Code Review implementations
- Sound knowledge of Linux systems, Kubernetes, Terraform, Vault, API, and web application security
- Practical experience in DevSecOps and proficiency in at least one scripting language like JavaScript or Go
- Project management experience for projects affecting multiple teams
- Experience working within an Agile environment with a strong customer focus
- Experience setting up and running trainings or onboardings
- Clear written and verbal communication in fluent English
Benefits
- Comprehensive health benefits for you and your dependents, including access to OpenUp for personalized mental health support
- Learning and development opportunities including an annual learning budget, access to self-paced learning platforms and language training, personalized coaching, mentorship, and leadership programs
- Family Leave Plus gives you additional fully paid weeks of parental leave on top of government-provided leave, so you can spend more time with your new addition
- Our equity participation program allows you to share in our success
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
IT Security & Compliance Head at Lonza leading security strategy and managing global risk. Collaboration with senior leadership to enhance information security across Capsules & Health Ingredients business.
Senior Security Manager leading security for Sanofi meetings and events across North America. Ensuring compliance with global meeting policies and managing event security operations in high - stake environments.
Security Officer maintaining safety protocols at Aloft New Orleans. Responsible for patrolling, monitoring security systems, and assisting guests with safety - related concerns.
Security Detection Specialist responsible for detecting cybersecurity incidents using advanced security technologies. Analyzing data feeds and leveraging security tools for incident detection and reporting.
Senior Incident Response Engineer at Walmart focusing on security threat campaigns to enhance detection and response capabilities. Collaborating with SOC and engineering teams to improve security posture.
Head of Infrastructure & Security at Kinatico, a RegTech leader, focused on cloud infrastructure and security governance. Leading a technically deep team of cloud engineers and security specialists in a hybrid environment.
Security Engineer at KAYAK responsible for implementing security improvements and managing security tools in Berlin office infrastructure. Collaborating with teams to monitor incidents and enhance security protocols.
Security Supervisor responsible for loss prevention and safety at WarHorse Gaming casino in Omaha. Ensuring compliance with regulations and managing security team operations.
Security Shift Manager overseeing security operations at WarHorse Gaming Omaha. Responsible for team safety, compliance with regulations, and staffing in the security department.