Senior Product Security Engineer
SnykSnyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Every day, the world gets more digital thanks to tens of millions of developers building the future faster than ever. But with exponential growth comes exponential risk, as outnumbered security teams struggle to secure mountains of code. This is where Snyk (pronounced “sneak”) comes in. Snyk is a developer security platform that makes it easy for development teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and cloud infrastructure — and do it all right from the start. Snyk is on a mission to make the world a more secure place by empowering developers to develop fast and stay secure.
Snyk is looking for a Senior Product Security Engineer with experience in the areas of application security, cloud native services and DevSecOps practices. We are building out a world class Product Security function within Snyk’s global Trust Office division to support the company’s rapid growth.
You will have a unique opportunity to help build and shape the technical capabilities and security practices employed across our industry leading product engineering teams. This role will report into the Application Security Lead.
You'll spend your time:
- Building innovative solutions that extend Snyks capabilities.
- Working with architecture, product and engineering teams ensuring security is at the heart of what we do.
- Collaborating with your peers to define security guardrails and templated secure-by-design architectural patterns.
- Performing threat models and code reviews for products and services.
- Engineering solutions that enable teams to self-serve on effective security testing capabilities leading to faster, safer code in production environments.
- Building out best-in-breed continuous security monitoring capabilities.
You should apply if you have:
- 3+ years of experience working in cross-functional engineering teams following DevOps/DevSecOps practices.
- The ability to articulate security as a business enabler.
- Scripting/coding ability in at least one language.
- Working knowledge of cloud native ecosystems (AWS, GCP).
- Experience writing solid test cases and documentation.
- Familiarity with compliance frameworks (ISO 27001, NIST 800-53).
- Experience defining security standards and procedures.
- Ability to work independently in a remote setting.
- Strong written and verbal communication skills.
We'd especially love to hear from you if you have:
- Previously experience working as a security engineer working in a Product Security/Application security team or as a Security Champion.
- Practical knowledge of common threats and exposures to web apps and services.
- Strong interest and experience in offensive security techniques.
- Experience with either Golang, Python, Scala, Rust, TypeScript.
- Familiarity with data analysis/data science techniques.
We care deeply about the warm, inclusive environment we’ve created and we value diversity – we welcome applications from those typically underrepresented in tech. If you like the sound of this role but are not totally sure whether you’re the right person, do apply anyway!
Snyk is committed to creating an inclusive and engaging environment where our employees can thrive as we rally behind our common mission to make the digital world a safer place. From Snyk employee resource groups, to global benefits that help our employees prioritize their health, wellness, financial security, and a work/life blend, we aim to support our employees along their entire journeys here at Snyk.
Benefits & Programs
Prioritize health, wellness, financial security, and life balance with programs tailored to your location and role.
- Flexible working hours, work-from home allowances, in-office perks, and time off for learning and self development
- Generous vacation and wellness time off, country-specific holidays, and 100% paid parental leave for all caregivers
- Health benefits, employee assistance plans, and annual wellness allowance
- Country-specific life insurance, disability benefits, and retirement/pension programs, plus mobile phone and education allowances
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Cloud Compliance DevOps DevSecOps GCP Golang ISO 27001 Monitoring NIST NIST 800-53 Offensive security Product security Python Rust Scala Scripting TypeScript Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open C-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs