Senior Product Security Engineer
Plaid · San Francisco Bay Area · 6 days ago
HybridInformation Technology$204k–$281k/yrFull-time
Responsibilities
- Collaborate with engineering and product teams to integrate security into the product lifecycle, from inception to deployment, ensuring that security is a core consideration in all design and development decisions.
- Conduct Threat Modeling and Risk Assessments from the early stages of the product development lifecycle to identify, assess, and prioritize security risks, enabling proactive mitigation strategies.
- Perform rigorous security testing and reviews for new features being built in the assigned area to uncover and address security weaknesses.
- Lead incident response efforts, investigate root causes, and implement corrective actions to minimize impact and prevent future occurrences.
- Foster a Security-Conscious Culture by educating and empowering engineering and product teams through training, awareness campaigns, and mentorship, cultivating a strong security mindset.
Qualifications
- 5+ years of proven experience in product and application security concepts, including API, web, and mobile app security.
- Ability to communicate complex security concepts to technical and non-technical audiences, including senior leadership.
- Expertise in conducting comprehensive threat modeling and risk assessments to identify and mitigate vulnerabilities.
- Proficiency in secure SDLC practices, application security testing tools (SAST, DAST, Burp Suite), container security (Docker, Kubernetes), and cloud security.
- Proven ability to thrive in fast-paced environments and excel in ambiguous situations.
Nice to have
- Knowledge and experience in securing AI/ML based products.
- Experience with the risk management associated with financial technology companies.
- Experience with red teaming or penetration testing.