68 applicants

Company

Original Job Post

SoundCloud · 6 days ago

Product Security Engineer

New York, NY

Full-time

Onsite

Senior Level

$140K/yr - $160K/yr

6+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

AppsAudio

Actively Hiring

Insider Connection @SoundCloud

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Promote and implement security best practices in collaboration with product and engineering teams.

Conduct penetration testing, code reviews, and threat modeling to identify and remediate security vulnerabilities.

Collaborate with teams to develop security standards for products, applications, and services.

Lead consumer-facing security incident response and investigations.

Document and maintain processes associated with critical systems/services.

Examine log sources to identify attack patterns and develop countermeasures.

Manage the bug bounty program and validate/remediate submissions.

Establish metrics to demonstrate security proficiencies across teams and products.

Perform other duties as required.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Software EngineeringSecurity AssessmentsPenetration TestingVulnerability ScanningCode ReviewsThreat ModelingSecurity ToolsJavaScriptGoRubyScalaSecure Coding PracticesBug Bounty ProgramsCloud ProvidersSaaS SolutionsSecurity FrameworksGDPRCCPAISO 27001OWASPProblem-SolvingCollaborationCommunication

Required

6+ years of relevant software engineering and/or application or product security experience

Enthusiasm about collaborating with engineering and product teams to proactively address security issues in products

Experience in conducting security assessments, including penetration testing and vulnerability scanning, code reviews, and practical threat modeling for consumer applications

Familiarity with security tools such as Nessus, Burp Suite, and web application firewalls

Familiarity with languages such as Javascript, Go, Ruby, and Scala

Experience in secure coding practices and secure development methodologies

Experience with bug bounty programs as an administrator or researcher

Experience working with cloud providers (AWS, GCP) and SaaS solutions (GitHub)

Knowledge of industry-standard security frameworks and regulations, such as GDPR, CCPA, ISO 27001, and OWASP

Strong verbal and written communication skills