Product Security Engineer

Job Description:
Working at Pluralsight:
At Pluralsight, we believe everyone should have the opportunity to create progress through technology. Everyone should have access to the skills of tomorrow. That technology can make the world a better place. Through the work we do every day, we empower the people who power our world. And we don't let fear, egos or drama distract us from our mission. We're adults, and we treat each other that way. We have the autonomy to do our jobs, we value transparency and trust in each other to do the right thing. We thrive in an environment with creativity around every corner, challenges that keep us on our toes, and peers who inspire us to be the best we can be. We bring different viewpoints, backgrounds and experiences, and united by our mission to advance the world's tech workforce
The Opportunity:
The Product Security Engineers work closely with engineering teams to secure our Pluralsight platform. They will work on various Secure SDL programs to help identify security Threats and Vulnerabilities on our platform. Provide recommendations to engineering teams on how to address the vulnerabilities.
Duties/responsibilities

• Support and enable engineering teams when performing and maintaining threat models and provide mentorship and guidance to engineers
• Use knowledge of common risks and vulnerabilities to guide engineering teams in building products
• Use and maintain security tooling and processes, such as SAST/ DAST tools and vulnerability reporting
• Promote and develop a security aware mind set among teams
• Record and communicate vulnerability findings and keep records up to date
• Automated DevSecOps security checkpoints
• Collaborate with engineers through all phases of the SDLC

Minimum qualifications/skills

• 3+ years of professional experience in product security, working with SaaS application & Cloud security.
• Must have bachelor's degree or Master's degree with relevant security certifications
• Strong analytical and problem-solving skills
• Good understanding of software development concepts and technologies
• Knowledge of programming languages such as JavaScript, Java, C#, and Python
• Experience with security tools and technologies such as Web Application Firewall, SAST, and DAST
• Experience in performing Penetration testing in identifying security vulnerabilities
• Knowledge on OWASP Top 10/ SANS Top 25 vulnerabilities
• Experience communicating security threats and application vulnerabilities to technical and non-technical team members

Preferred qualifications/skills

• Any Security Certifications like CEH, OSCP will be a plus.

Our Perks & Benefits Include

• Competitive salary and meaningful benefits
• Comprehensive medical & dental coverage for you and your family
• Open vacation policy
• Stay active with our wellness program that allows you to expense your gym membership and other sports activities
• Tuition reimbursement

Bring yourself. Pluralsight is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, age or protected veteran status. Pluralsight will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please visit the bottom of our website to learn how to request an accommodation.
For more information on Pluralsight's commitment to building a more diverse and inclusive workforce please review our most recent Diversity, Equity, Inclusion, and Belonging Report HERE.