Red Canary · 9 hours ago
Senior Product Security Engineer
Maximize your interview chances
Cyber SecurityNetwork Security
Insider Connection @Red Canary
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Embed with the product teams and attend regular stand-ups and planning meetings and build positive relationships with key partners
Serve as the security authority on your product, ensuring the corporate security controls are working as designed, that security requirements are provided to the team before coding begins, and that vulnerabilities are being fixed within their SLAs
Ensure s-SDLC controls are embedded in your product and serve as control owner for a subset of these controls, mentoring other team members
Engage in application and domain-specific threat modeling, and attack surface analysis and reduction
Work alongside engineers, performing peer review and mentoring as needed
Assist in continuous improvement efforts and serve as a resource for more junior members
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
At least 5 years experience in securing enterprise-grade web applications and services with demonstrated expertise in threat modeling and attack surface analysis.
Solid understanding of common languages such as Ruby, Javascript, Go, etc.
Strong experience in web application security issues and standards (ex. OWASP Top 10, SANS Top 25, etc.)
Understanding and experience with securing public cloud deployments, including AWS and/or Azure, and serverless architecture
Familiarity with CI/CD tools and processes, such as GitHub, Travis CI, CircleCI, Docker, and Kubernetes
Strong foundation in core information security principles and concepts (encryption, authentication, etc.)
Experience with automated application security tools and technologies (SAST, DAST, SCA etc.)
Excellent communication skills and the ability to explain sophisticated security topics in simple terms
Company
Red Canary
Red Canary is a cybersecurity technology company delivering cloud based security services.
Funding
Current Stage
Growth StageTotal Funding
$129.85MKey Investors
Summit PartnersLegion Capital
2021-02-17Series C· $81M
2019-04-30Series Unknown· $34M
2018-05-11Series Unknown· $6.25M
Recent News
2024-11-15
Company data provided by crunchbase