Sr. Product Security Engineer

As a Sr. Product Security Engineer, you'll play a pivotal role in leading product security initiatives, ensuring robust protection against potential vulnerabilities, and shaping secure coding practices across the organization. Your expertise will drive the security of our products to new heights.

As a Sr. Product Security Engineer you will be responsible for:

• Cross-Functional Leadership: Lead cross-functional team activities, integrating advanced security best practices throughout the product development lifecycle.
• Security Assessments: Conduct and oversee regular security assessments, including in-depth code reviews, threat modeling, and vulnerability assessments, to identify and mitigate security weaknesses.
• Security Controls: Develop, implement, and automate sophisticated security controls and mechanisms to protect against unauthorized access, data breaches, and other security threats.
• Secure Architecture: Architect and design secure software and infrastructure components, ensuring scalability, reliability, and robustness.
• Cloud Security: Implement and manage cloud security measures, ensuring the security of our cloud infrastructure and services.
• Security Tools Utilization: Utilize security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST) to identify and address security vulnerabilities.
• Mentorship: Mentor and guide developers and DevOps teams, fostering a culture of security awareness and continuous improvement.
• Stay Updated: Stay updated with the latest security trends, threats, and technologies, and proactively implement improvements to our security posture.
• Collaboration: Collaborate with other security teams to address vulnerabilities and enhance our security protocols.

You should apply if you have:

• 5+ years of experience in Information Security.
• Extensive experience and deep understanding of software development fundamentals and secure coding principles.
• Proficiency in identifying and mitigating common and advanced security vulnerabilities and attack vectors, including an in-depth understanding of the OWASP Top 10.
• Significant experience developing and securing web applications using technologies such as Java, JavaScript, Python, TypeScript, and React.
• Strong expertise in cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
• Proficiency with version control systems and CI/CD tools such as GitHub, GitLab, Jenkins, and others.
• Experience with security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST).
• Strong analytical and problem-solving skills with the ability to think critically and strategically.
• Excellent communication and collaboration skills with the ability to influence and drive security initiatives across the organization.
• Experience mentoring and guiding junior engineers, developers, and DevOps teams in security practices.

What makes the Security department at Gong unique? 

Here at Gong, we trust and empower our employees with ownership to solve complex problems, make the right decisions and build the best products that create radical impact. We call it “Own. Solve. Impact.” 

Our security team is at the forefront of a monumental shift in how we implement processes. Instead of simply saying "no," we embrace the mindset of "let's explore how we can make it work." Our security team brings a wealth of backgrounds, experience, and wisdom to the table. 

If you are curious to discover Gong's wonderful and challenging world, what are you waiting for? Don’t delay - fill in your application details. Who knows, maybe there’s a Gongster in you!

About us 

Gong unlocks reality to help people and companies reach their full potential. The patented Gong Reality Platform™ empowers companies to take advantage of their most valuable assets – customer interactions, which the Gong platform automatically captures and analyzes. Gong then delivers insights at scale, empowering revenue and go-to-market teams to determine the best actions for winning outcomes.

Here at Gong, we encourage our employees to express their personality and identity (whether gender, ethnic, religious, or sexual), and we ensure fairness and equal opportunities. We follow a hybrid working model that combines working from home, on the go, or at the office. This allows us: flexibility, autonomy, positive work relationships, and effective work habits.

If these considerations are important to you when choosing a work place, we'd love to see you with us.

To review Gong's privacy policy, visit  www.gong.io/privacy-policy/ for more details.

•

Last updated on Aug 13, 2024