Contractor (LATAM) for Senior-Level Product Security Engineering Services
Remote
Newsela
Content Aligned To National & State Standard, Flexible To Support Relevant Curriculum. Find the Perfect Piece Of Content For Lessons. Go beyond the book.Newsela is seeking to hire a Contractor based out of Latin America for Senior-Level Software Engineering Services.
Scope of Services:
- As a Contractor, you will play a pivotal role in ensuring the security of our SaaS products by designing and implementing security controls to protect sensitive data to prevent unauthorized access.
- Ensure compliance with relevant security standards, regulations, and industry certifications (e.g., SOC2, GDPR, HIPAA), while managing requirements gathering and remediation efforts for SOC2 and other security audits.
- Develop security-related documentation, such as policies, procedures, and control mappings, while participating in risk assessments and compliance reviews to identify areas for improvement.
- Champion security awareness and adherence to secure coding practices among development teams and provide guidance and support to internal stakeholders on security best practices and compliance requirements.
- You will work closely with our engineering teams to build advanced detection solutions to help keep systems and information safe and partner closely with our Legal team to conduct complex investigations.
- Collaborate with internal stakeholders and external partners, including vendors and customers, to respond to RFPs about product security and compliance.
- Manage investigations and security incidents by conducting root cause analysis and implementing corrective actions to prevent recurrence.
- Implement security controls and remediation activities to mitigate identified risks and vulnerabilities.
- Monitor and track compliance with security policies and standards, and report on findings to relevant stakeholders.
Skills / Experience:
- 3+ years of experience as a Software Engineer, Product Security Engineer, or Security Engineer with proven experience in product security engineering and a focus on SaaS applications.
- Bachelor's degree in Computer Science, Information Security, or related field. Advanced degree or relevant certifications (e.g., CISSP, CISM, CSSLP) preferred.
- Experience working with vendors and customers to respond to RFPs about product security and compliance, and experience working in partnership with Software Development and Legal teams for security compliance.
- Experience with requirements and remediation for SOC2 and other security audits for software as a service.
- Demonstrated coding ability in Python and familiarity with cloud computing platforms (e.g., AWS, Azure, GCP), and associated security controls.
- Strong understanding of web application security concepts, including authentication, authorization, encryption, and secure coding practices.
- Hands-on experience with security tools and technologies, such as vulnerability scanners, penetration testing tools, and SIEM solutions.
- Strong analytical and problem-solving abilities, with a keen attention to detail and a proactive approach to security challenges.
- Proven capacity to assess system security, discern patterns, and delve into intricate issues.
- Proficiency in making data-driven, risk-based decisions.
- Results-driven approach with exceptional interpersonal and communication abilities to effectively engage with technical and non-technical stakeholders.
- Strong empathy towards our customers, including internal developers.
Please note that given the nature of the contract, this role will not be eligible to participate in company-sponsored benefits.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits AWS Azure CISM CISSP Cloud Compliance Computer Science Encryption GCP GDPR HIPAA Pentesting Product security Python Risk assessment SaaS SIEM SOC 2 Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs