We are seeking a highly technical Security Engineer to join our Product Security team. This role is integral to ensuring the security and integrity of our products and services.
You will conduct in-depth code reviews, implement security best practices, and influence the overall security strategy. Your expertise in TypeScript, Python, Kubernetes, CI/CD, SAST, DAST, and terraform orchestration will be crucial in identifying and mitigating potential security vulnerabilities.
You will:
- Conduct in-depth code reviews to identify and remediate security vulnerabilities.
- Evaluate and enhance the security of our product offerings, through RFC and service review.
- Implement and maintain CI/CD pipelines with a strong focus on security.
- Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to identify vulnerabilities in production code.
- Utilize terraform orchestration to ensure secure and efficient infrastructure management.
- Guide engineering teams to build robust long-term solutions that consider security and privacy.
- Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact.
- Influence the security strategy and direction of the team, advocating for best practices and continuous improvement.
Ideally, you’d have:
- Proven experience as a Security Engineer with a focus on product security.
- Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.
- Strong understanding of modern Javascript application design.
- Production experience with Kubernetes backed services
- Hands-on experience with SAST and DAST tools and methodologies.
- Familiarity with terraform orchestration for infrastructure management.
- You can structure complex problems and diagnose root causes independently, providing actionable insights without requiring manager input.
- Excellent communication skills, with the ability to clearly present technical concepts and their implications to both technical and non-technical stakeholders.
- Demonstrated ability to influence security strategies and drive improvements within a team.
- Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus.
Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training.
You’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.
The base salary range for this full-time position in the location of Washington DC/Hawaii is: $205,700-$257,400 USD
The base salary range for this full-time position in the location of St. Louis/Suffolk is: $171,600-$214,500 USD
XML job scraping automation by YubHub
