Product Security Engineer
Atlanta, GA; United States; Canada
Applications have closed
FullStory
FullStory’s intuitive digital experience intelligence provide you with critical insights so you can drive high-impact digital improvements & revenue.This role can be performed remotely anywhere within the United States and Canada.
The Product Security team at FullStory ensures that engineering teams across the company are enabled to securely design, build, test, and maintain the software that powers our business. We focus on establishing a "paved road" so that engineers can move confidently to deliver secure software with minimal friction. The Product Security team considers leading with empathy and providing excellent customer service to our stakeholders paramount to success.
Reporting into the VP, Product Security, this role will help lead the ongoing build-out of software security at FullStory. Whether running a detailed code review, establishing secure-development practices, mentoring engineers, or advising our product team on feature development, FullStory’s Product Security team members are focused on continuous improvement against our maturity model and Secure Development Lifecycle (SDL) to improve the outcomes for our teammates, while building services that our customers can trust.
Day-to-day you’ll:
- Support engineers across the SDL as an application security subject matter expert, including design reviews, threat modeling, code review, and penetration testing
- Collaborate with product and engineering on architecting resilient, security-first services
- Perform deep, technical security assessments to ensure services follow secure design principles across our product portfolio.
- Develop automation of high-signal security tooling through customizations and plugins.
- Support third-party security consultants to provide external validation of software security.
- Craft and deliver interactive security training courses to support engineer enablement.
We’re looking for someone who:
- Has 7+ years of experience working in software security roles or performing similar types of work
- Has experience working with one or more of the following languages: Go, Rust, Objective-C, React Native, Typescript, and/or Python
- Has experience in threat modeling, penetration testing, creating security requirements, performing source code reviews, and/or leading security design reviews
- Has experience building sustainable security programs with an emphasis on customer service, partnership, and enablement of software engineering and product stakeholders
It would be amazing if:
- You have a computer science-related degree and/or professional software engineering experience
- You have experience working in a business-to-business (B2B) software as a service (SaaS) company
- You have a security research interest in privacy-impacting technologies and/or client-side security
- You have experience working within a Google Cloud Platform (GCP)-based technology stack
#LI-Remote #LI-SP1
About FullStory
Founded in 2014 on the belief that everyone benefits from a more perfect digital experience, FullStory’s digital experience intelligence (DXI) platform empowers businesses to continuously improve their customer experience across sites and apps. FullStory is backed by world-class investors and has 500+ employees worldwide with offices in Atlanta and London. We are proud to have been named to Forbes’ List of America’s Top Startup Employers, Wealthfront’s Career Launching Companies List, and LinkedIn’s Top US Startups List. We are guided by our values of Empathy, Clarity, Bionics, and Trust, which we embed in our day-to-day work.
How we support you:
FullStorians are committed to building something better—from how we approach our product, to how we care for our customers and each other. Better is only possible when we can bring our full selves to work. Along these lines, we offer:
- Autonomy and flexibility. From a remote-first work environment and unlimited paid time off, to an annual company-wide closure – FullStorians can focus on the moments that matter.
- Benefits. Take care of the whole you. FullStory offers sponsored benefit packages for US-based FullStorians, and supplemental coverage options for international FullStorians.
- Learning opportunities. We provide professional development opportunities through training programs, career coaching sessions, and an annual learning subsidy.
- Productivity support. We provide all FullStorians with a monthly productivity stipend and reimburse remote colleagues for their initial home office set up.
- Team events. Connect with fellow FullStorians through Employee Resource Group events, Listening & Alignment weeks, and team off-sites.
- Paid parental leave. FullStorians have the flexibility to balance the needs of their growing families without the added stress of figuring out work and finances.
- Bereavement leave. Every family is different; we leave it to you to define who your family is, and support you when you need it most.
- Miscarriage/Pregnancy loss leave. Whether it is for a FullStorian or their partner – take the time you need.
FullStory is proud to be an equal opportunity workplace dedicated to fostering an increasingly diverse community. We want candidates of all human varieties, backgrounds, and lifestyles. There’s no problem that can’t be made better by bringing together people with a broader set of perspectives. If our product, values, and community resonate with you, please apply - we'd love to hear from you!
If you may require reasonable accommodations to participate in our job application or interview process, please contact accommodations@fullstory.com. Requests for accommodations will be treated confidentially.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation C Cloud Computer Science GCP Pentesting Privacy Product security Python Rust SaaS Security assessment TypeScript
Perks/benefits: Career development Home office stipend Parental leave Startup environment Team events Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open IPS-related jobs