Lead Product Security Engineer

Description:
• Support and participate in the building and implementation of software security controls in all stages of the product development life cycle.
• Identify and mitigate software vulnerabilities through code reviews, security assessments, and threat modeling.
• Ensure the security posture of our bank-wide infrastructure and products.
• Collaborate with cross-functional teams to integrate security measures into the software development process.
• Stay up to date on emerging threats and vulnerabilities, and proactively recommend security enhancements.
• Partner with engineering teams and provide guidance and support to developers on secure coding practices.
• Mentor product security engineers and DevSecOps professionals to ensure a strong security posture across all software development and deployments.
• Assist in the development of software security processes, configuration of tools, and management of solutions to address vulnerabilities.
• Build and support high quality security documentation for product security best practices.
• Communicate effectively with all levels of organizational leadership.

Requirements:
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or applicable discipline and a minimum of 5 years of relevant work experience.
• Demonstrable experience developing and maintaining automation for product security tasks and defect identification.
• Advanced knowledge with industry standards and frameworks such as OWASP, ISO 27001, GDPR, PCI DSS, and NIST.
• Advanced experience with security testing tools and techniques and fixing vulnerabilities.
• Strong background in cybersecurity, manual code review, static/dynamic code analysis, threat modeling, bug bounty research and vulnerability management.
• Experience with at least 2-3 of the following programming languages – Java, C#, JavaScript, Python, PHP, Ruby, Scala.
• Hands-on experience with product security tools and exploit tools and methods.
• Hands-on experience with product security testing tools such as SAST, DAST, IAST, SCA, and SBOM as well as experience with DevOps technologies such as CI/CD pipelines, repos, etc.
• Excellent communication and leadership skills.
• Capable of working on multiple projects of a complex nature.
• Excellent problem-solving skills to assist in issue resolution.
• Detail-oriented with excellent verbal and written communication skills, with prior experience presenting to the target audience.
• Excellent organizational, teamwork, and time management skills.
• Strong vertical thinking skills.
• Experience recommending and implementing security solutions.
• Experience driving project milestones and delivery dates.
• Proven mentoring and leadership capabilities.

Benefits:
• Competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year.
• Promotes a drug free workplace.

Apply Job!

Apply to this Job