Lead Product Security Engineer

Description: • Support and participate in the building and implementation of software security controls in all stages of the product development life cycle. • Identify and mitigate software vulnerabilities through code reviews, security assessments, and threat modeling. • Ensure the security posture of our bank-wide infrastructure and products. • Collaborate with cross-functional teams to integrate security measures into the software development process. • Stay up to date on emerging threats and vulnerabilities, and proactively recommend security enhancements. • Partner with engineering teams and provide guidance and support to developers on secure coding practices. • Mentor product security engineers and DevSecOps professionals to ensure a strong security posture across all software development and deployments. • Assist in the development of software security processes, configuration of tools, and management of solutions to address vulnerabilities. • Build and support high quality security documentation for product security best practices. • Communicate effectively with all levels of organizational leadership. Requirements: • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or applicable discipline and a minimum of 5 years of relevant work experience. • Demonstrable experience developing and maintaining automation for product security tasks and defect identification. • Advanced knowledge with industry standards and frameworks such as OWASP, ISO 27001, GDPR, PCI DSS, and NIST. • Advanced experience with security testing tools and techniques and fixing vulnerabilities. • Strong background in cybersecurity, manual code review, static/dynamic code analysis, threat modeling, bug bounty research and vulnerability management. • Experience with at least 2-3 of the following programming languages – Java, C#, JavaScript, Python, PHP, Ruby, Scala. • Hands-on experience with product security tools and exploit tools and methods. • Hands-on experience with product security testing tools such as SAST, DAST, IAST, SCA, and SBOM as well as experience with DevOps technologies such as CI/CD pipelines, repos, etc. • Excellent communication and leadership skills. • Capable of working on multiple projects of a complex nature. • Excellent problem-solving skills to assist in issue resolution. • Detail-oriented with excellent verbal and written communication skills, with prior experience presenting to the target audience. • Excellent organizational, teamwork, and time management skills. • Strong vertical thinking skills. • Experience recommending and implementing security solutions. • Experience driving project milestones and delivery dates. • Proven mentoring and leadership capabilities. Benefits: • Competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year. • Promotes a drug free workplace. Apply Job! Apply to this Job