Product Security Engineer
2 weeks ago
Excerpt: Design and implement scalable security infrastructure and help build a culture of security for a rapidly growing team.
Status: Open
About the role
Don't you wish the security practice at your company was more modern, effective and not chasing its tail? Are you excited by the idea of tackling novel security problems while empowering a delightful experience for end users? If that energy isn't appreciated where you currently work, join us in developing a proactive, technology-forward product-security discipline, dedicated to eliminating vulnerabilities in application and infrastructure before they even occur. You'll own the SSDLC and ensure effective security measures are embedded throughout. You'll be building systems and occasionally building/buying tools that help all of Engineering truly shift left, so you can spend less time chasing vulnerabilities and more time on meaningful security engagement.
Additionally, this role includes practicing embedded security within Eng teams, teaching them to think through, prevent, and mitigate common security issues all on their own: everything from creating guardrails to implementing AuthN / AuthZ correctly to creating secure and resilient infrastructure as code. The security culture you help create permeates the entire company and has longevity, even when you're not in the room, because you will help a top-tier Eng team level up. Your work will inform the company's security roadmap, starting with delivering pieces of a high-speed, automated, and self-service security strategy.
So far the security projects we've worked on have been about:
- Hardening our Kubernetes deployments
- Running and evolving our Bug Bounty Program
- Streamlining our product authorization model
- Optimizing access control company-wide
- Automating vulnerability management
Must have's:
- 5+ years of product-security experience: 4 years in appsec, 1 in cloudsec
- You write code and are fond of creating your own automation
- Deep understanding of software-security principles and a good understanding of cloud-infrastructure security principles
- Hands-on experience with many of the core infrastructure products that Hex is run on, including Kubernetes, AWS, and Terraform
- You perform code reviews regularly
- Proficient at threat modeling and keeping the models updated
- Able to break down a landscape of scattered security problems, whether complex, simple and/or varies, and group them into logical, achievable components to get the most bang for the buck during quarterly and annual planning
- Possess an instinct for strategic thinking and aligning with business and product goals, while keeping a healthy balance of velocity and security excellence.
- Excel at working with several different engineering teams and codebases, and at communicating with engineers and non-technical partners across many different backgrounds, demonstrating curiosity about how their work contributes to Hex's success.
- Experience scaling and optimizing a bug-bounty program with a good signal:noise ratio
- Involvement with your Security Community
- Interest in the data space, and a love of shipping great products and building tools that empower engineers and users to do more.
- Curious and willing to dive into the bigger picture of building a company, including go-to-market, customer development, people, and marketing.
We're a group of engineers who are forging new ground together and love partnering with Security on our journey to pull ahead of our competition. You can read about how we think through problems as well as how we learn from mistakes on our blog here:
- How we took down production...
- Beyond Linear Notebooks
- A pragmatic approach to live collaboration
app.hex.tech runs on AWS:
- EKS
- RDS (Postgres)
- EC2
- S3
- Node.js
- TypeORM
- Apollo GraphQL
- React
- Redux
- ... and more
- TypeScript
- Python
- Node
- Terraform
-
Product Security Engineer
2 weeks ago
New York, New York, United States Hex Full time===Excerpt: Design and implement scalable security infrastructure and help build a culture of security for a rapidly growing team.Status: Open===About the roleDon't you wish the security practice at your company was more modern, effective and not chasing its tail? Are you excited by the idea of tackling novel security problems while empowering a delightful...
-
Product Security Engineer
2 days ago
New York, United States Hex Technologies Inc Full time=== Excerpt: Design and implement scalable security infrastructure and help build a culture of security for a rapidly growing team. Status: Open === About the role Don’t you wish the security practice at your company was more modern, effective and not chasing its tail? Are you excited by the idea of tackling novel security problems while empowering a...
-
Software Engineer
2 days ago
New York, United States Opal Security Full timeOpal is building the next generation of access management. We've all felt the pain of not getting the access we need to do our job. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. We are taking an age old problem in enterprise software and making it simple. Our product prioritizes...
-
Product Security Engineer
4 days ago
New Brunswick, United States Atlas Full timeThe position will be responsible for the implementation of clients' Enterprise Product Security strategy and framework throughout the client orthopedics portfolio: Primary Job Responsibilities: Develop the security strategy, security framework, and security goals for the orthopedics portfolio of products Develop security designs for new products Develop...
-
Product Security Engineer
1 day ago
New Brunswick, United States Atlas Full timeThe position will be responsible for the implementation of clients' Enterprise Product Security strategy and framework throughout the client orthopedics portfolio:Primary Job Responsibilities:Develop the security strategy, security framework, and security goals for the orthopedics portfolio of productsDevelop security designs for new productsDevelop security...
-
Product Security Engineer
6 days ago
New Brunswick, United States Atlas Full timeThe position will be responsible for the implementation of clients' Enterprise Product Security strategy and framework throughout the client orthopedics portfolio:Primary Job Responsibilities:Develop the security strategy, security framework, and security goals for the orthopedics portfolio of productsDevelop security designs for new productsDevelop security...
-
Product Security Engineer
6 days ago
New Brunswick, United States Atlas Full timeThe position will be responsible for the implementation of clients' Enterprise Product Security strategy and framework throughout the client orthopedics portfolio:Primary Job Responsibilities:Develop the security strategy, security framework, and security goals for the orthopedics portfolio of productsDevelop security designs for new productsDevelop security...
-
Software Engineer
2 weeks ago
New York, United States Product Insight, Inc. Full timeSoftware Engineer Product Insight is an integrated design & engineering firm helping B2B companies develop the technical products & systems that make a positive impact on our world. We believe that to achieve our vision, we need the best team possible. Our team members find creative solutions to complex technical challenges for businesses that develop...
-
IT Security Engineer
2 days ago
New York, United States NYC Health Hospitals Full timeMetroPlusHealth provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Exchange, Partnership in Care, MetroPlus Gold, Essential Plan, etc. As a wholly-owned...
-
Engineering Production Support
3 weeks ago
New York, New York, United States BAE Systems Full timeJob Description BAE Systems is hiring a Mechanical Engineer in York, PA on First Shift to provide Engineering Production Support (EPS) for the AMPV combat vehicle program. This individual will serve as an interface between manufacturing, design and production engineering for analyzing and solving problems related to the design and fabrication of mechanical...
-
Product Engineer
4 days ago
New York, United States TBG | The Bachrach Group Full timePosition Description Summary: As a Product Tool and Die Engineer you will play a crucial role in our organization, especially in metalworking and precision machining. The primary responsibility of this role is to design, create, and maintain the tools, dies, jigs, and fixtures used in the production process. These tools are essential for shaping, cutting,...
-
Security Guard For High End Events
7 days ago
New York, United States Knight Security Full timeJob DescriptionJob DescriptionKnight Security offers true expertise in event security and planning, press tours, tv and film production security, threat assessment, buildings & facilities security, and executive protection. Knight provides comprehensive Armed and Unarmed Security Detail and Security Guard Services to the Tri-State area (NYC, NJ, CT).We are...
-
Senior Security Engineer, Application Security
2 weeks ago
New York, New York, United States Grow Therapy Full timeWhat You'll Be Doing:We are looking for a Senior Security Engineer to help us establish the Application Security vertical of Grow Therapy, and who will help build a secure product platform for Grow. You'll be the first hire in this area, and will report directly to our Head of Security Your responsibilities will include: Identify and implement improvements...
-
Senior Solutions Engineer
8 hours ago
New York, United States Opal Security Full timeOpal is building the next generation of access management. We've all felt the pain of not getting the access we need to do our job. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. We are taking an age old problem in enterprise software and making it simple. Our product prioritizes...
-
Information Security Engineer
2 weeks ago
New York, United States Prosum Full timeProsum is seeking an Information Security Engineer to join their client on a 6 month contract to hire, 100% remote role. JOB SUMMARY: The Information Security Engineer is responsible for designing, implementing, monitoring, and evaluating various technical security systems and procedures. This role involves directly supporting the confidentiality, integrity,...
-
Cloud Security Engineer
2 weeks ago
New York, United States Assured Guaranty Full timePosition Summary The goal of information security is to protect the confidentiality, integrity, and availability of information assets. The information security team is responsible for defining and implementing security policy and standards and continuously monitoring for new threats. The Cloud Security Engineer is a hands-on technical role, responsible for...
-
Security Engineer
2 weeks ago
New York, United States The Rockridge Group Full timeJob DescriptionJob DescriptionJob Title: Security EngineerLocation: 100% RemoteDuration: 6 months Contract To Hire About the Position Company X is seeking an exceptional Security Engineer to join its IT Security Team in our New York office. This person will join a distributed, highly collaborative team that is responsible for the setup and maintenance of...
-
Product Development Engineer
2 weeks ago
New York, United States Integer Holdings Corporation Full timeJob Duties: The primary purpose of this job is to apply intensive and diversified knowledge of engineering principles and practices in broad areas of assignments and related fields. Ensures Integer internal and external customer expectations are met or exceeded. Plans process flow, evaluates process capability, modifies tooling, builds tooling, and designs...
-
Senior Security Engineer, Application Security
2 weeks ago
New York, New York, United States tapwage Full timeAbout us:Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for...
-
Security Engineer
2 weeks ago
New York, United States Nationstaff Full timeAbout This Role We are seeking a highly capable Security Engineer / Senior Security Engineer, who will be responsible for various technical and cryptographic security aspects. This role requires a certain range of experience and an in-depth understanding of security engineering facets. Primary ResponsibilitiesPerform security analysis/audits/reviews/testing,...