Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Junior (1 to 2 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Enterprise Software, Information SecurityIndustries
Requirements
Candidates should have 3-5 years of technical product security experience, including SSDLC tooling, automation, remediation advisory, security testing, and threat modeling. Proven ability to solve complex product security issues and protect products using a risk-based approach is essential, along with extensive knowledge of the current product security threat landscape and industry best practices. Experience working in Agile development with technologies such as containers (Docker, Kubernetes), pipeline security tool integration, defect tracking (Jira, ServiceNow), source code management (GitLab, GitHub, BitBucket), and application security testing tools (SAST, DAST, IAST, SCA) is required. The role also requires the ability to innovate and find creative solutions that balance business and security needs, and potentially provide on-call support.
Responsibilities
The Product Security Engineer will participate in expanding and maturing the SailPoint S-SDLC program, performing proactive and reactive scanning and auditing throughout the SSDLC, and triaging issues with development teams. Responsibilities include configuring, maintaining, and tuning product and application security technologies, reducing false positives, and assisting tech leads and developers with remediation strategies. The engineer will support automation and tooling of security technologies for development teams, assist in developing custom software quality tests and Security as Code solutions, and review designs for security defects while performing threat modeling. They will also provide training and guidance to development teams, cultivate security ownership, communicate new security services, manage product/application vulnerabilities, provide input to security risk impact assessments, and work closely with engineering to sustain processes and automate manual integrations. Additionally, the role involves being part of the Product Security Incident Response Team (PSIRT).
Skills
SSDLC
threat modeling
security scanning
remediation
security tooling
automation tooling
Security as Code
software quality tests
Pipelines
DevOps
reviewing security defects
design security reviews
training and guidance
SailPoint
Provides identity security solutions for enterprises
About SailPoint
SailPoint provides identity security solutions that help organizations manage and protect digital identities. Its main products, including IdentityIQ, IdentityNow, and File Access Manager, assist businesses in ensuring compliance with regulations, reducing risks, and controlling access to sensitive information. These products work by giving organizations visibility into who has access to what data, allowing them to manage permissions effectively. SailPoint stands out from competitors by utilizing advanced technologies like artificial intelligence and machine learning to enhance its identity governance capabilities. The company's goal is to be a trusted partner for enterprises in navigating the complexities of identity security, ensuring that they can securely manage access to their critical information.
Austin, TexasHeadquarters
2004Year Founded
$20.7MTotal Funding
IPOCompany Stage
Cybersecurity, AI & Machine LearningIndustries
1,001-5,000Employees
Risks
Emerging identity management startups increase competition, potentially eroding market share.
Rapid technological changes may outpace SailPoint's innovation, risking solution obsolescence.
Integration challenges with acquisitions like SecZetta may disrupt services or misalign strategies.
Differentiation
SailPoint specializes in managing and securing digital identities for enterprises.
The company leverages AI and machine learning to enhance identity security solutions.
SailPoint's IdentityIQ provides visibility and control over user access.
Upsides
Growing demand for remote work security boosts SailPoint's remote access management features.
Rising adoption of AI-driven identity analytics aligns with SailPoint's AI capabilities.
Increased regulatory requirements drive demand for SailPoint's identity governance solutions.
Related Jobs
RemoteRemoteSoftware Engineer, Security
Render$193,000 - $265,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Software Security Engineer
Muon SpaceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Product Security
Chainlink LabsSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemotePrincipal DevSecOps Engineer
Second Front SystemsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteQA Automation Engineer, API / Security
Keeper SecuritySalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemotePerformance Modeling Engineer
GroqSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteVulnerability Detection Engineer (Content) - Exposure Management (Remo…
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Cloud Security
OpenAI$279,000 - $385,000/year
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteManager, Engineering (Guarded Containers)
ChainguardSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteProfessional Services Engineer - East
TinesSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSr. Product Manager - Exposure Management (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Software Engineer, KSM (SDKs & Integrations)
Keeper SecuritySalary not specified
- Full Time
- Senior (5 to 8 years)