Product Security Engineer
Remote
Applications have closed
Flock Safety
From creating safer neighborhoods to protecting employees and property, we help you deter and solve crime with tools customized and scaled to your needs.Eliminate Crime. Build Community.
Flock Safety provides the first public safety operating system that empowers private communities and law enforcement to work together to eliminate crime. We are committed to protecting human privacy and mitigating bias in policing with the development of best-in-class technology rooted in ethical design, which unites civilians and public servants in pursuit of a safer, more equitable society.
Our Safety-as-a-Service approach includes affordable devices powered by LTE and solar that can be installed anywhere. Our technology detects and captures objective details, decodes evidence in real-time and delivers investigative leads into the hands of those who matter.
While safety is a serious business, we are a supportive team that is optimizing the remote experience to create strong and fun relationships even when we are physically apart. Our flock of hard-working employees thrive in a positive and inclusive environment, where a bias towards action is rewarded. Flock Safety is headquartered in Atlanta and operates nationwide. We have raised over $380M in venture capital including a recent Series E round led by Tiger Global. Now surpassing a 3B valuation, Flock is scaling quickly and seeking the best and brightest to help us meet our goal of reducing crime in the United States by 25% in the next three years.
About the opportunity
Flock Safety is looking to add a Product Security Engineer to our growing company. Today, Flock Safety has over 300 employees in 30+ states and is rapidly expanding. As a member of the Information Systems team this person will report to our Director of Information Security. The primary responsibilities include working directly with our hardware and software development teams to ensure we continue creating a product that prioritizes security, privacy and ethics.
How You Will Take Flight With Flock
- Perform and manage pentesting engagements and security reviews of Flock Safety’s products and services
- Identify and fix security gaps and vulnerabilities through SAST, DAST, IAST, SCA, penetration testing, and code reviews
- Create training, processes, and documentation to promote secure coding practices
- Collaborate with our internal security team on building and implementing strong controls so that security incidents are less likely to happen
- Partner with our internal security team to represent Flock Safety’s security practices and policies to customers
- Engage with multiple product and infrastructure partners in discovering and remediating security problems that affect Flock Safety’s services
- Assess and present security risk, solutions and tradeoffs that enables risk-based decision making with respect to our product and infrastructure security
- Manage and implement fixes to remediate findings from the Flock Safety bug bounty program
- Ensure end-to-end security of our product with hands-on testing, hypothesizing threats, helping development teams remediating risks upfront, and championing secure implementation efforts
- Help Developers mitigate identified vulnerabilities by providing and/or helping to implementing technical solutions
- Develop custom tools and automation that enable DevSecOps and SecOps.
- Proactively research the latest vulnerabilities and exploits
- Collaborate with product development and solution teams proactively to manage security risk aligned with business goals
- Aid in instilling a culture of security in our remote-first work environment
- Participate in an after-hours oncall rotation
- Perform special projects and tasks as assigned by the Director of Information Security.
About You
- Have 5+ years of hands-on technical work experience in security engineering at high growth technology companies
- Demonstrated experience in programming languages (e.g. Typescript, Python, SQL, Groovy) and development tools (e.g. Terraform, Kubernetes, Jenkins)
- Experience reviewing code in the languages listed above
- Deep technical working knowledge of AWS, and their security tools (IAM, CloudTrail, GuardDuty, Inspector, etc.)
- Ability to successfully integrate security into a developers world
- Experience managing a bug bounty program
- Deep knowledge and experience in using SAST, DAST, IAST, SCA, and fuzz testing tools
- A strong foundation of security architecture, protocols, vulnerabilities, and countermeasures.
- Strong understanding of secure coding standards and security risks e.g. OWASP Top 10.
- Familiar with agile development processes and have experience integrating secure development practices into the agile model.
- Familiarity with cryptography primitives and fundamentals (e.g. SSL/TLS, PKI).
- Experience working with development, engineering, and architecture teams to ensure security best practices are followed.
- Ability to communicate effectively utilizing critical thinking skills, the ability to learn new concepts, and problem-solving as they arise.
- Have proven experience in shaping technical security strategies for complex problems and executing against them
- Enjoy building productive relationships with other functional groups to promote a culture of security
- Bias towards operational excellence with a strong attention to detail
- Be excited about working on a fast-paced, constantly evolving product
Why join the Flock?
When you join the Flock, you are joining a diverse team of passionate, ambitious, intelligent people that put team over self. We offer competitive salary (commensurate with experience), equity in the company, take what you need vacation policy, and the opportunity to grow your career at a fast-paced, high growth mission-driven startup. We genuinely care about the well-being of our employees both in and out of the office and understand the importance of work/life balance. We’d love for you to join us in the fight to eliminate crime, one community at a time.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Automation AWS Cryptography DAST DevSecOps Exploits IAM Kubernetes OWASP Pentesting PKI Privacy Product security Python SAST SecOps SQL Terraform TLS TypeScript Vulnerabilities
Perks/benefits: Career development Competitive pay Equity Flex vacation Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs