Product Security Engineer
Eliminate Crime. Build Community.
Flock Safety provides a public safety operating system that empowers private communities and law enforcement to work together to eliminate crime. We are committed to protecting human privacy and mitigating bias in policing with the development of best-in-class technology rooted in ethical design, which unites civilians and public servants in pursuit of a safer, more equitable society.
Our Safety-as-a-Service approach includes affordable devices powered by LTE and solar that can be installed anywhere. Our technology detects and captures objective details, decodes evidence in real-time and delivers investigative leads into the hands of those who matter.
While safety is a serious business, we are a supportive team that is optimizing the remote experience to create strong and fun relationships even when we are physically apart. Our flock of hard-working employees thrive in a positive and inclusive environment, where a bias towards action is rewarded. Flock Safety is headquartered in Atlanta and operates nationwide. We are well funded by Meritech Capital, Initialized Capital, YCombinator, Matrix Partners, BedRock Capital, and Founders Fund - and we're scaling quickly.
About the opportunity
Flock Safety is looking to add a Product Security Engineer to our growing company. Today, Flock Safety has over 300 employees in 30+ states and is rapidly expanding. As a member of the Information Systems team this person will report to our Director of Information Security. The primary responsibilities include working directly with our hardware and software development teams to ensure we continue creating a product that prioritizes security, privacy and ethics.
How You Will Take Flight With Flock
- Perform and manage pentesting engagements and security reviews of Flock Safety’s products and services
- Identify and fix security gaps and vulnerabilities through SAST, DAST, IAST, SCA, penetration testing, and code reviews
- Create training, processes, and documentation to promote secure coding practices
- Collaborate with our internal security team on building and implementing strong controls so that security incidents are less likely to happen
- Partner with our internal security team to represent Flock Safety’s security practices and policies to customers
- Engage with multiple product and infrastructure partners in discovering and remediating security problems that affect Flock Safety’s services
- Assess and present security risk, solutions and tradeoffs that enables risk-based decision making with respect to our product and infrastructure security
- Manage and implement fixes to remediate findings from the Flock Safety bug bounty program
- Ensure end-to-end security of our product with hands-on testing, hypothesizing threats, helping development teams remediating risks upfront, and championing secure implementation efforts
- Help Developers mitigate identified vulnerabilities by providing and/or helping to implementing technical solutions
- Develop custom tools and automation that enable DevSecOps and SecOps.
- Proactively research the latest vulnerabilities and exploits
- Collaborate with product development and solution teams proactively to manage security risk aligned with business goals
- Aid in instilling a culture of security in our remote-first work environment
- Participate in an after-hours oncall rotation
- Perform special projects and tasks as assigned by the Director of Information Security.
- Have 5+ years of hands-on technical work experience in security engineering at high growth technology companies
- Demonstrated experience in programming languages (e.g. Typescript, Python, SQL, Groovy) and development tools (e.g. Terraform, Kubernetes, Jenkins)
- Experience reviewing code in the languages listed above
- Deep technical working knowledge of AWS, and their security tools (IAM, CloudTrail, GuardDuty, Inspector, etc.)
- Ability to successfully integrate security into a developers world
- Experience managing a bug bounty program
- Deep knowledge and experience in using SAST, DAST, IAST, SCA, and fuzz testing tools
- A strong foundation of security architecture, protocols, vulnerabilities, and countermeasures.
- Strong understanding of secure coding standards and security risks e.g. OWASP Top 10.
- Familiar with agile development processes and have experience integrating secure development practices into the agile model.
- Familiarity with cryptography primitives and fundamentals (e.g. SSL/TLS, PKI).
- Experience working with development, engineering, and architecture teams to ensure security best practices are followed.
- Ability to communicate effectively utilizing critical thinking skills, the ability to learn new concepts, and problem-solving as they arise.
- Have proven experience in shaping technical security strategies for complex problems and executing against them
- Enjoy building productive relationships with other functional groups to promote a culture of security
- Bias towards operational excellence with a strong attention to detail
- Be excited about working on a fast-paced, constantly evolving product
Why join the Flock?
When you join the Flock, you are joining a diverse team of passionate, ambitious, intelligent people that put team over self. We offer competitive salary (commensurate with experience), equity in the company, take what you need vacation policy, and the opportunity to grow your career at a fast-paced, high growth mission-driven startup. We genuinely care about the well-being of our employees both in and out of the office and understand the importance of work/life balance. We’d love for you to join us in the fight to eliminate crime, one community at a time.
Explore more Information Security career opportunities
- Open IT Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Staff Security Engineer jobs
- Open Senior Incident Response Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cyber Security Engineer jobs
- Open Azure Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Personnel Security Officer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Infrastructure Security Engineer jobs
- Open Cyber Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Threat Intelligence Response Analyst jobs
- Open Information Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Sr. Software Engineer - Detection Engineering jobs
- Open Cybersecurity Engineer jobs
- Open Sr. Product Security Engineer jobs
- Open Privacy Manager jobs
- Open DevOps-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Machine Learning-related jobs
- Open Encryption-related jobs
- Open IDS-related jobs
- Open Open Source-related jobs
- Open Splunk-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Intrusion detection-related jobs
- Open Security assessments-related jobs
- Open Ruby-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Docker-related jobs
- Open GDPR-related jobs
- Open DevSecOps-related jobs
- Open HIPAA-related jobs
- Open IPS-related jobs
- Open TCP/IP-related jobs
- Open Cryptography-related jobs