115 applicants

Company

Skillable · 4 hours ago

Product Security Engineer

United States

Full-time

Remote

Mid, Senior Level

$150K/yr - $180K/yr

5+ years exp

Maximize your interview chances

Corporate TrainingE-Learning

No H1B

Insider Connection @Skillable

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Perform threat modeling on new and existing products to identify potential security issues.

Identify and mitigate security vulnerabilities in code, systems and networks through manual review, automated tools and threat modeling.

Identify singular issues and develop solutions to prevent them categorically

Collaborate with engineering teams to design and implement secure solutions that mitigate risks identified during threat modeling.

Conduct and organize penetration testing on systems and infrastructure to discover vulnerabilities.

Collaborate with other teams such as development, operations, and compliance to ensure that security is integrated throughout the organization.

Work with development teams to implement secure coding practices.

Develop and improve automated security testing tools to streamline the security assessment process.

Partner with product and development teams to integrate security practices into the product lifecycle.

Analyze and respond to security incidents, providing post-mortem analysis and recommending preventive measures.

Provide security guidance and training to engineering and product teams to foster a security culture.

Lead and continuously improve Skillable’s Security Champions Program, empowering developers to integrate security best practices into their work.

Advocate for and ensure the implementation of secure by design principles, including contributing to the development of security-related requirements.

Stay up-to-date with the latest security threats, techniques, best practices, and tools to ensure our defenses remain ahead of potential attackers.

Support and promote the company values through positive interactions with both internal and external partners and customers on a regular basis.

Other strategic business initiatives or cross-functional project involvement as required.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Threat modelingPenetration testingSecure software developmentProgramming languagesSecurity frameworksVulnerability testingSystems hardeningTechnical controlsNetwork protocolsCloud infrastructureSecurity certifications

Required

Bachelor’s degree in computer science, technology, information security or equivalent years of relevant experience.

5+ years of experience working in threat modeling, penetration testing, and secure software development.

Experience implementing technical and procedural controls to meet policies and standards.

Strong understanding of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).

Familiarity with security frameworks and standards such as OWASP, NIST, and ISO 27001.

Proficiency in at least one programming or scripting language (e.g., Python, Ruby, Java, C++).

Excellent problem-solving and analytical skills.

Experience implementing systems hardening, CI/CD pipeline security, security policies, and controls.

Strong understanding of vulnerability and penetration testing methodologies.

Strong understanding of common system and application-level exploits.

Effective communication skills with the ability to explain complex security issues to a non-technical audience.

Familiar with technical business applications, cloud infrastructure and cloud risks and controls.

Ability to work in an on-call rotation for incident response on an as needed basis.

Preferred

Industry-recognized certifications in security (CISSP, OSCP, CEH, etc.) are a plus.

Benefits

Fully remote with a monthly stipend to pay for office services and supplies

Medical (2 plan options), dental (2 plan options), vision, health savings account with generous employer contributions, healthcare spending accounts, dependent care spending accounts, EAP, group paid life insurance, group paid STD and LTD and voluntary life/AD&D insurance, accident and critical illness options.

401(k) with Company match, tuition reimbursement, healthy lifestyle reimbursements.

Open PTO, Paid holidays, bereavement leave, parental leave, caregiver leave and paid FMLA leave.

Friends and Family Friday to end our standard workweek at 2pm local time; Full company closure during the 4th of July holiday week.

Access to pet insurance; Access for employees and dependents to Skillable learning opportunities through our product and more!