Senior Product Security Engineer
United States
Full Time Senior-level / Expert USD 150K - 232K
Snapdocs
Join our team, and help us make mortgage closings fast, secure, transparent, and error-free.
Snapdocs is a rapidly growing company backed by investors like Sequoia, Y Combinator, F-Prime and Tiger Global. We're an innovative team taking on the extensive mortgage market, bringing scalable and sophisticated software to a pillar of the US economy that still relies on fax machines and manila envelopes. Today, 20% of real estate transactions are processed through our platform. As we expand our product offering to serve more customers, we need to grow our team with smart, hungry, and curious people. That’s where you come in…
Are you passionate about ensuring the security and integrity of innovative B2B SaaS products? We are seeking a talented Senior Product Security Engineer to join our dynamic team. In this role, you will play a critical part in safeguarding our software systems and ensuring best practices across our product development lifecycle. If you are driven by challenges and thrive in a fast-paced startup environment, we want to hear from you.
You will lead our Snapdocs Product Security Program. Primary responsibilities include leading the community of Security Champions embedded in the software engineering teams, assisting in the remediation of security vulnerabilities, and representing security in software architecture discussions. You will be the project lead for the Vulnerability Remediation Management Program, including analysis and reporting of monthly metrics. You will be responsible for the organization of threat modeling activities, product requirements review for security implications, and risk assessments on planned application changes. You will also participate in the management of all security tools. The technology stack includes Kubernetes, Docker, and Ruby on Rails.
Our ideal candidate will have:
- 5+ years of experience building software testing systems and working with software engineers on creating secure products.
- Bachelor's degree in Computer Science, Information Security, or related field.
- Deep understanding of software security principles and best practices.
- Experience with implementing and managing Secure Software Development Lifecycle (S-SDLC) processes.
- Proficiency in using security testing tools such as SAST, DAST, SCA, etc.
- Hands-on experience with cloud security practices and technologies.
- Strong understanding of API security and authentication protocols.
- Familiarity with OWASP guidelines and security testing methodologies.
- Experience with GitHub Advanced Security (GHAS) or similar tools is a plus.
If you are located in NY, CA, WA or MA, the salary range for this role is $171,900.00 - $232,500.00. For all other locations, the range is $150,400.00 - $203,400.00. As a new hire, your starting salary will likely be between the 25th percentile and the midpoint of the range; however, all offers are based on the successful candidate’s experience and qualifications.
Snapdocs strongly values diversity and drive. We want to work with people of different backgrounds and different paths in life, and we trust our team to make smart decisions. This means we value independent work as well as collaboration.
Our benefits include (but are not limited to):
- Excellent health, dental, and vision benefits
- 401(k) with up to 4% company match
- 16 weeks paid parental leave (regardless of gender)
- Flexible time off policy
- Flexible spending account for healthcare and dependent care
- Life and disability insurance
Snapdocs is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
California residents applying for positions at Snapdocs are subject to our candidate privacy policy. (www.snapdocs.com/california-candidate-privacy)
Tags: APIs Cloud Computer Science DAST Docker GitHub Kubernetes OWASP Privacy Product security Risk assessment Ruby SaaS SAST SDLC Vulnerabilities
Perks/benefits: 401(k) matching Flex hours Flexible spending account Flex vacation Health care Insurance Parental leave Startup environment Team events