FULLTIME
Product Security Engineer
Scout Technologies
Not specified · onsite · Posted 5d ago
Sourced from
Undisclosed0–2 yrsfulltimeNot specified
Your match
?
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
We're looking for
Product Security Engineers (India)! Responsibilities
- Regularly dive deep into mobile, web app technologies in order to understand feature development and proactively hunt for vulnerabilities
- Be proficient in securing cloud-native applications, ensuring that security best practices are applied consistently across our cloud environment
- Be proficient in threat modelling and guide developers in secure design principles to prevent vulnerabilities from being introduced in the first place
- Help remediate vulnerabilities through strategic initiatives, writing patches, or creating understandable and actionable vulnerability tickets.
- Be the subject matter expert across a wide range of security areas, particularly in Application Security.
- Make security invisible when possible, believing that gatekeeping and blocking product teams should be avoided in favour of enabling secure development.
- Mentor and coach junior engineers, sharing your knowledge to help raise the security bar across the organisation
- Leverage automation and security tools to seamlessly integrate security into our CI/CD pipelines, ensuring vulnerabilities are caught early without disrupting development.
Qualifications
- You have a breadth and depth of knowledge across AppSec; you're expected to understand topics like why private keys should be stored in the Secure Enclave, the differences between URL Schemes and Universal Links, what presigned URLs are in the context of S3 and the safest storage mechanisms for modern browsers.
- You know Burp Suite (or your favourite attack proxy) inside and out; bonus points if you've written or contributed to an extension that enhances its functionality.
- You have excellent spoken and written communication skills to articulate vulnerabilities clearly and persuasively, advocating for their remediation even when faced with competing production pressures.
- As a passionate senior security engineer, you have a blog, public speaking engagements, bug bounty profile, or a Git repository showcasing your work.
- You're comfortable writing proof-of-concept (POC) scripts to demonstrate your findings and their potential impact, as needed.
- You have hands-on experience with securing cloud-native applications, ensuring that best practices are consistently applied. ( *Note: Scoutit is an independent candidate sourcing partner for this hiring. All applications, candidate screening, and hiring-related actions are conducted directly by the respective employer’s authorized recruitment team. Relevant candidates will be contacted via email and asked to fill in additional details as part of the next stage of the application process.) Skills: product security,cloud,application security
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02
Skills
Ci/CdApplication SecurityScriptingMobile Application SecurityOWASPthreat modelingBurp SuiteWeb Application Securityweb applicationsmobilecloud-native applicationsAWS S3threat modellingWeb app technologiesPresigned URLsSecure EnclaveUniversal LinksURL Schemes
Section · Company
About Scout Technologies
Scout Technologies
Find them on