Principal Security Engineer at Endor Labs

Bengaluru, Karnataka, India

Apply Now

Not SpecifiedCompensation

Expert & Leadership (9+ years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, Software SecurityIndustries

Requirements

The Principal Security Engineer should possess hands-on engineering experience, including writing production code and securing modern systems, along with a full-spectrum mindset encompassing attacker and architect perspectives. Experience with cloud-native stacks (Azure, GCP), endpoint management, identity systems (SSO, MDM), and secure SaaS use is required, and experience securing internal and external AI/ML usage is highly desirable. Strong understanding of real-world threat models and risk reduction is also necessary.

Responsibilities

As the Principal Security Engineer, you will partner with engineering teams to design secure-by-default systems and infrastructure, lead secure SDLC practices and runtime hardening efforts, shape developer-friendly security standards, and create educational materials. You will also own security for corporate infrastructure, including identity, email, Slack, SaaS apps, endpoints, and cloud accounts, stand up effective monitoring for external threats, implement modern DLP strategies, define and drive secure usage of GenAI tools, lead incident response, and engage with customers on security topics.

Skills

secure SDLC

runtime hardening

secure-by-default

secure architecture

infrastructure security

application security

secure coding practices

security standards

developer education

patterns

Endor Labs

Cybersecurity software vulnerability analysis services

About Endor Labs

Endor Labs specializes in cybersecurity by focusing on reachability-based dependency analysis to identify vulnerabilities in software that hackers could exploit. Their team, composed of PhDs, analyzes software to provide a comprehensive risk score that evaluates security, quality, popularity, and activity. This analysis helps reduce alert noise by 80%, allowing clients to concentrate on the most critical issues. They offer a flexible policy engine for clients to create tailored risk profiles, minimizing disruptions in the software development process. Additionally, Endor Labs assists businesses in managing Software Bill of Materials (SBOM) and Vulnerability Exploitability Exchange (VEX) to understand the risks and costs associated with software ownership. Their goal is to enhance the security and quality of software for businesses of all sizes while generating revenue through their analysis and monitoring services.

Palo Alto, CaliforniaHeadquarters

2021Year Founded

$92.4MTotal Funding

SERIES_ACompany Stage

Data & Analytics, CybersecurityIndustries

51-200Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Mental Health Support

Unlimited Paid Time Off

401(k) Retirement Plan

Remote Work Options

Risks

Integration with Microsoft Cloud Defender may strain resources to maintain high performance.

New AI model evaluation tool could expose Endor Labs to risks of biases and inaccuracies.

Strategic investment from Citi Ventures may pressure the company for rapid financial growth.

Differentiation

Endor Labs specializes in reachability-based dependency analysis for software vulnerability detection.

The company offers a comprehensive risk score for software packages, reducing alert noise by 80%.

Endor Labs' flexible policy engine allows clients to create specific risk-based policies.

Upsides

Endor Labs' SCA tool is integrated with Microsoft Cloud Defender, expanding its market reach.

The company received strategic investment from Citi Ventures, boosting financial resources.

Endor Labs won 'Most Innovative Technology' award, enhancing its industry credibility.

Land your dream remote job 3x faster with AI

Try Jobo Free