Senior Product Security Engineer

As a Senior Application Security Engineer working remotely from eastern US/Canada or remotely from the UK or in our Bristol UK office where you will gain invaluable experience at a visionary identity security company. The position requires a passion for application security solving both technical and organizational changes with the ability to work in a fast moving distributed and agile development environment excellent communications skills and attention to latest security best practices.

You will:

●    Own multiple Security Engineering assignments working with Ping Identity products processes and tooling

●    Provide technical leadership and mentor other Product Security Engineers

●    Assist in proposing developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global high-performance product engineering teams

●    Work with the product teams to perform architectural security design/code reviews vulnerability assessment and management

●    Perform security tasks including (but not limited to) threat modeling developer training static code analysis dynamic runtime fuzzing building custom tools and automation and exploit development.

●    Innovate in all aspects of automation of SSDLC tasks including use of Generative AI

●    Assist the presales support and customer success teams responding to prospect customer and field questions related to product and industry security

●    Engage with third-party security consultants for independent security assessments bug bounties and penetration testing of the product

You have:

●    4+ years of proficiency in a mix of Enterprise Application Security API Security Web Application Security and Mobile Application Security

●    4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience

●    Exceptional problem-solving skills curiosity about the inner workings of systems and showing attention to details and documentation

●    Excellent written and oral communication skills

You have an advantage if you have:

●    Experience with Linux environments administration security internals

●    Experience with identity management (OAuth 2.x OpenID Connect SAML Active Directory 2FA/MFA LDAP SCIM FAPI OpenBanking)

●    Experience in securing machine learning or generative AI platforms

●    Experience with CI/CD cloud deployment in Amazon AWS Azure or Google Cloud Platform

●    Security certifications such as CISSP CSSLP GIAC OSCP

Hiring Range: $155000 - $175000

In accordance with Colorado’s Equal Pay for Equal Work Act (SB 19-085) the approximate compensation range for this role in Colorado is listed above. Final compensation for this role will be determined by various factors such as knowledge skills and abilities.