Staff Product Security Engineer
4 weeks ago
Our self-hosted and cloud offerings provide integrated workflow automation, AI-acceleration, ChatOps with team messaging, audio calling and screen share on an open core platform vetted and deployed by the world’s most secure and mission critical organizations.
We co-build the future of collaboration with over 4,000 open source project contributors who’ve provided over 30,000 code improvements towards our shared product vision, which is translated into 20 languages. To learn more, visit www.mattermost.com
Mattermost is seeking a result-driven and analytical Staff Product Security Engineer to help ensure the security of our product and services across the company. As part of our Security team you will work closely with a globally distributed team to support in all the different aspects of the software development life cycle. You will be responsible for the implementation of additional application security tooling and/or processes across the company and coordinate with relevant stakeholders, gather requirements, and lead the implementation. Responsibilities
- Support the application vulnerability management and mitigation approaches.
- Engage in threat modeling and design reviews of in-house developed software components.
- Conduct application security reviews through manual code review or static/dynamic code analysis.
- Educate technical teams on DoD security requirements/architecture and support R&D fulfilling federal compliance requirements, e.g. FIPS.
- Provide security guidance and training to internal development teams.
- Promote the Mattermost brand and build awareness through blog posts and public speaking on security subjects.
- Validate ideas and share insights with Product Management/Marketing on product direction and industry trends for security audiences
- Deep understanding of web application security and secure development practices.
- Deep understanding with common security libraries, security controls, and common security flaws.
- Experience building and shipping software fulfilling federal and DoD requirements.
- Experience with Threat Modeling applications.
- Experience with static/dynamic analysis, and common exploit tools and methods.
- Experience in one or more programming languages, ideally Go or Javascript.
- Excellent written and verbal communication skills, including prior experience on public speaking engagements or published research.
- Demonstrable teamwork skills and resourcefulness.
- Experience working in open source communities.
- Experience running a bug bounty program.
- Certifications in the domain of penetration testing or application security (e.g. OSCP, OSWE, GWAPT, …).
- Experience with Electron, React or React Native.
- Experience with Linux / AWS.
- Experience with Kubernetes / Docker.
- Participation in Bug Bounties, CTFs or similar activities
We are constantly working towards adding more countries/regions to this list, but first we need to make sure we are compliant with local laws and regulations, which takes time.
Mattermost is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people from all walks of life. We don't discriminate against staff or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate
-
Staff Security Engineer
1 week ago
Alexandria, United States Mattermost Full timeMattermost provides secure, workflow-centric collaboration for technical and operational teams that need to meet nation-state-level security and trust requirements. We serve technology, public sector, national defense, and financial services industries with customers ranging from tech giants to the world’s largest banks, to the U.S. Department of Defense...
-
Network Security Engineer
1 week ago
Alexandria, United States GuidePoint Security Full timeGuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government...
-
VTC Engineer with Security Clearance
1 month ago
Alexandria, United States Mantis Security Corporation Full timeMantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in the long-term career development of every employee! We are...
-
VTC Admin with Security Clearance
1 month ago
Alexandria, United States Mantis Security Corporation Full timeMantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in the long-term career development of every employee! We are...
-
VTC Technician with Security Clearance
1 month ago
Alexandria, United States Mantis Security Corporation Full timeMantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in the long-term career development of every employee! We are...
-
Alexandria, United States Excentium, Inc. Full timeSenior Information Security Engineer Excentium, Inc. is a Service-Disabled Veteran owned small business (SDVOSB) that provides Cyber Security Engineering, Information Assurance (IA), management, Certification and Accreditation (C&A), and other IT services to government and commercial organizations. We have an opportunity for a Senior Information Security...
-
"Cyber Security Engineer"
2 weeks ago
Alexandria, United States Turing IT Labs Full timePosition Title: Cybersecurity EngineerLocation: Onsite at 2401 Mill Road, Alexandria, VA 22314Contract: 6+MonthsKey Responsibilities Provide expert-level network security support, security engineering, and implementation on network security firewalls, load balancer, and VPN devices. Design, implement, and manage network security devices including firewalls,...
-
AWS Cloud Engineer with Security Clearance
1 month ago
Alexandria, United States Seneca Resources, LLC Full timeDirect Hire Job Title: Cloud Engineer/System Administrator Location: US-VA-Alexandria (100% Onsite in SCIF) Clearance: Top Secret/SCI Salary: $160k End Client - US ARMY Overview:AWS Cloud Engineer/System Administrator The AWS Cloud Engineer/System Administrator will lead and work with a team of Tier III system administrators to manage the Army Geospatial...
-
Senior Engineer with Security Clearance
1 month ago
Alexandria, United States SPA Full timeOverview Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and...
-
Cyber Tools Engineer
3 weeks ago
Alexandria, United States GuidePoint Security Full timeGuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government...
-
Cyber Security Engineer
1 month ago
Alexandria, United States Clarivate Analytics US LLC Full timeClarivate is looking for a Cyber Security Engineer to join our top-class Cybersecurity team. This is a long-term opportunity to provide outstanding FISMA Compliance Support for our contract with the United States Patent and Trademark Office (USPTO). The ideal candidate will ensure that appropriate steps are taken to meet the security requirements for a FISMA...
-
Senior Cybersecurity Engineer
1 month ago
Alexandria, United States Excentium, Inc. Full timeSenior Cybersecurity Engineer Excentium, Inc. is a Service-Disabled Veteran owned small business (SDVOSB) that provides Cyber Security Engineering, Information Assurance (IA), management, Certification and Accreditation (C&A), and other IT services to government and commercial organizations. We have an opportunity for a Senior Cybersecurity Engineer...
-
Cyber Security Engineer
3 weeks ago
Alexandria, United States Clarivate Full timeClarivate is looking for a skilled Cyber Security Engineer to join our successful team in offering Risk Management Framework support for our contract with the United States Patent and Trademark Office (USPTO). This is a long-term opportunity, and the ideal candidate will ensure that appropriate steps are taken to meet the security and compliance requirements...
-
Splunk Engineer with Security Clearance
1 month ago
Alexandria, United States Anonymous Employer Full timeMust Have One of the Following J3 CertificationsCompTIA Advanced Security Practitioner (CASP)GCIH – Incident HandlerGCWN – Windows Security AdministratorGISF – Security FundamentalsGISP – Security ProfessionalGSSP – Secure Software ProgrammerGICSP –Cyber Security ProfessionalGSSP – Secure Software ProgrammerSEI (Software Engineering...
-
Splunk Engineer with Security Clearance
7 days ago
Alexandria, United States Anonymous Employer Full timeMust Have One of the Following J3 CertificationsCompTIA Advanced Security Practitioner (CASP)GCIH - Incident HandlerGCWN - Windows Security AdministratorGISF - Security FundamentalsGISP - Security ProfessionalGSSP - Secure Software ProgrammerGICSP -Cyber Security ProfessionalGSSP - Secure Software ProgrammerSEI (Software Engineering Institute)CCSP -...
-
Alexandria, United States Excentium, Inc. Full timeSenior Cybersecurity Engineer Lead CBP Excentium, Inc. is a Service-Disabled Veteran owned small business (SDVOSB) that provides Cyber Security Engineering, Information Assurance (IA), management, Certification and Accreditation (C&A), and other IT services to government and commercial organizations. We have an opportunity for a Senior Cybersecurity Engineer...
-
Alexandria, United States Sayres Defense Full timeSayres is a leader in defense support services to the US Navy and DoD. Our 300+ program support experts empower our customers' senior leadership with long term planning and analytics, insightful decision making, and day-to-day operations. Headquartered in Washington, DC, Sayres has offices in California, Maine, and Alabama. Sayres is seeking a Shipyard...
-
Embedded System Engineer with Security Clearance
2 weeks ago
Alexandria, United States BAE Systems Full timeJob Description The Program is looking for a System Engineer to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology. We are using Behavior Driven Development (BDD) and test automation tools alongside a full suite of team collaboration tools. Program execution follows DEVOPS best practices and employs robust development,...
-
Lead Digital Engineer with Security Clearance
2 months ago
Alexandria, United States SPA Full timeOverview Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and...
-
General Engineer with Security Clearance
2 weeks ago
Alexandria, United States Department of Defense Full timeDuties * Applies engineering concepts and principles in the assessment of complex DoD weapons systems and facilities for the purposes of oversight reporting and recommendations. * Demonstrates and applies DoD Acquisition System knowledge and best practices engineering standards, and compliance, engineering, acquisition, and critical thinking skills to the...