Product Security Engineer | TransferGo | Remote (Canada, United Kingdom (UK), United States)

Product Security Engineer | TransferGo | Remote (Canada, United Kingdom (UK), United States)

Remote Canada, UK, US
Application ends: September 28, 2024
Apply Now

Job Description

As an Application Security Engineer working remotely from USA/Canada, from the UK or within one of our Engineering offices you will gain invaluable experience at a visionary identity security company.  The position requires a passion for application security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment.  You will have excellent communication skills and pay attention to the latest security trends and best practices.  

You will:

  • Own Security Engineering for assigned Ping Identity products and tools
  • Assist in developing and implementing Secure Software Development Lifecycle (SSDLC) practices
  • Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment
  • Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, and exploit development.
  • Innovate the automation of SSDLC tasks
  • Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
  • Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product

You have:

  • 2+ years of proficiency in a mix of Enterprise Application Security, API Security and Web Application Security
  • 3+ years of developing commercial or open-source products (experience in Java preferred) or equivalent experience
  • Understanding of network protocols and architectures such as TCP/IP, UDP, IPv6, IPSEC, TLS, HTTP/S, routing protocols
  • Exceptional problem-solving skills, curiosity about the inner workings of systems and show attention to details and documentation
  • Excellent written and oral communication skills

You have an advantage if you have: 

  • Experience with Linux environments, administration, security, and internals
  • Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking, etc.)
  • Experience in securing machine learning or generative AI platforms
  • Experience with cloud deployment in Amazon AWS, Azure or Google Cloud Platform
  • Security certifications such as CISSP, CSSLP, GIAC, OSCP