Facebook pixel

Product Security Engineer
Posted on 11/8/2022
INACTIVE
Locations
Canada • Remote
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
JavaScript
C/C++/C#
Operating Systems
Kubernetes
Python
Digital Ocean
Requirements
  • Experience in software development or product security engineering, with additional full-time product or information security experience
  • Proven experience performing security design reviews for complex applications, including distributed systems, APIs, and services deployed to cloud, on-premise, and hybrid environments
  • Expert knowledge and implementation experience across information security disciplines, including web application, network, and operating systems security
  • Fluency with the OWASP Top 10 and other common vulnerabilities and exploit techniques, and ability to define appropriate countermeasures
  • Deep understanding of common application and network protocols, cryptographic technologies, and authentication and authorization protocols
  • Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, FedRAMP
  • Direct experience supporting cloud operational models, including SaaS security architecture, microservices, containers, and/or Kubernetes
  • BA/BS in computer science, a related discipline, or equivalent work experience
Responsibilities
  • You will perform application security assessments including architecture review, threat modeling, secure code review, and general security consulting
  • You will assist and enable product teams to follow secure development practices, while also empowering them to own security within their product area
  • You have a proven development background and can communicate with engineering teams with authority, credibility, and empathy. Product Security is complex and context-specific and, as such, will require you to learn constantly and be committed to continuous innovation, because what worked yesterday may not work tomorrow
  • Consult with development and operations teams to provide guidance and recommend secure design patterns
  • Perform security assessments on new and existing products and services to identify security risks and establish baseline security requirements
  • Establish and drive security standards across Cribl to improve security and resiliency of software and systems architecture
Desired Qualifications
  • Contributions to the security community: research papers, public CVEs, conference talks, open source, etc
  • Extensive automation and development experience in programming languages such as: C++, JavaScript, Python, Go
  • Familiarity with “big data” and distributed systems technology
Cribl

201-500 employees

Data analytics tools & storage services
Company Overview
Cribl's mission is to build a solution to make observability viable for any organization, giving our customers visibility and control while maximizing value from existing tools, and consumption pricing that is accessible for all.
Benefits
  • Competitive Salary
  • Stock Options
  • Medical, dental, and vision insurance
  • Flexible spending account (FSA)
  • 401(k) plan offered (US)
  • Parental Leave
  • Professional Development and Career Growth
  • Generous Vacation and Holiday Policy, including 2 Floating Holidays for holidays you observe
  • Employee Resource Groups that reflect our values driven company culture
Company Core Values
  • Customers First, Always - First we help customers. Then everything else.
  • Irreverent, but Serious - We are a serious company with a love for goats and jokes.
  • Curious - We seek to understand problems and the people who have them before taking action.
  • Transparent - Trust is earned when everyone is on the same page.
  • Together - We are collaborative. We are kind. We are open.