Product Security Engineer
Washington, DC
Applications have closed
SingleStore
Backed by streaming data ingestion, a unique table type that supports both transactional (OLTP) and analytical (OLAP) workloads and limitless point-in-time recovery, SIngleStoreDB empowers the world's makers to build, deploy and scale modern,...Position Description
SingleStore is a cutting edge business leading a wave of disruption in the database space focused on delivering a single platform for all data intensive applications. We believe in building secure by design solutions for cloud and on-premises deployments without compromising performance.
At SingleStore we are making security part of the entire software development lifecycle, from design to development, through testing and operations. To meet the needs of our rapidly growing business we are seeking an experienced and highly motivated Security Engineer to help us deliver products and services that meet customer security requirements and provide the highest levels of security assurance.
Job Responsibilities
- Drive and support secure software development lifecycle activities and practices across SingleStore (e.g., Security Architecture, Threat Modeling, Secure Coding, Ethical Hacking, Product Security Incident Response).
- Stay abreast of emerging security threats and vulnerabilities to ensure the appropriate security controls and mitigations are built into SingleStore products and services.
- Research and evaluate evolving software security standards, best-practices and guidelines to ensure alignment and coverage within upcoming product releases.
- Provide re-usable solutions to identified software vulnerabilities from internal and external penetration tests.
- Collaborate with the larger engineering division by providing role based training and guidance for software security.
- Understand customer and partner software security requirements and interpret them to both technical and management audiences.
- Work closely with Product Management to develop security requirements and acceptance criteria that clearly describe customer requested security features, capabilities and opportunities for growth initiatives.
- Support the sales and marketing organization to ensure consistent and clear external messaging is presented describing the security posture of SingleStore products and services.
- Help present software security initiatives to customers, partners and external stakeholders.
- Assist with and support internal and external software security reviews and assessments.
- Collaborate with the Information Security team on enterprise security projects and initiatives that require software engineering support.
Basic Qualifications
- 2+ years experience in software development.
- 2+ years experience in software security.
- Strong understanding of security standards, guidelines and best practices for building highly resilient hardened software systems (e.g., NIST, CIS, OWASP)
- Competence in cloud-native and container technologies, as well as the security risks and countermeasures to secure them.
- Comfortable programming in C variants, Golang and JavaScript.
- Hands on Kubernetes experience and understanding of architecture.
Preferred Qualifications
- Experience developing software security features and product capabilities (e.g., SSO, key management, data masking, access control)
- Well-versed in designing and implementing secure software services and building secure APIs.
- Understanding of encryption and key management systems.
- Comprehensive knowledge in assessing vulnerabilities identified by security scanning tools and third party penetration testing engagements.
- Familiar with a variety of security scanning tools (e.g., SAST, DAST, IAST, SCA)
- Experience in managed services security issues and architecture.
- Demonstrable testing competency with a focus on penetration testing and ethical hacking.
- Certifications in one or more of the following areas: CISSP, CCSP, CSSLP, OSCP, CEH
- Bachelors in Computer Science or Software Engineering.
- Experience presenting and communicating software security content to both technical and management audiences.
- Demonstrated leadership skills with experience working effectively with engineering, sales, marketing and product management.
- Familiarity with data security frameworks and regulatory standards, including PCI DSS, GDPR and/or CCPA/CPRA, and FedRAMP.
SingleStore is one platform for all data, built so you can engage with insight in every moment. Trusted by industry leaders, SingleStore enables enterprises to adapt to change as it happens, embrace diverse data with ease, and accelerate the pace of innovation. SingleStore is venture-backed and headquartered in San Francisco with offices in Portland, Seattle, Boston, Bangalore, London, Lisbon, and Kyiv. Defining the future starts with The Database of Now™.
Consistent with our commitment to diversity & inclusion, we value individuals with the ability to work on diverse teams and with a diverse range of people.
To all recruitment agencies: SingleStore does not accept agency resumes. Please do not forward resumes to SingleStore employees. SingleStore is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company.
#liremote #remoteli
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs C CCPA CCSP CEH CISSP Cloud Computer Science DAST Encryption Ethical hacking FedRAMP GDPR Golang Incident response JavaScript Kubernetes NIST OSCP OWASP PCI DSS Pentesting Product security SAST SSO Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs