Senior Product Security Engineer

Poland

Apply with AI Apply

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Data Management, Cybersecurity, Software DevelopmentIndustries

Requirements

Candidates should have experience in software development or product security engineering, with additional full-time product or information security experience. Proven experience performing security design reviews for complex applications, including distributed systems, APIs, and services deployed to cloud, on-premise, and hybrid environments is required. Expert knowledge and implementation experience across information security disciplines, including web application, network, and operating systems security, fluency with the OWASP Top 10, ASVS, and other common vulnerabilities and exploit techniques, solid understanding of common application and network protocols, cryptographic technologies, and authentication and authorization protocols, and knowledge of compliance requirements for industry-standard certifications like PCI, SOC2, ISO 27001, FedRAMP are necessary. Direct experience supporting cloud operational models, including SaaS security architecture, microservices, containers, and AWS security is also required.

Responsibilities

The Senior Product Security Engineer will partner with EMEA Engineering teams to build secure software and systems. Responsibilities include performing application security assessments such as AWS architecture review, threat modeling, secure code review, and general security consulting. The engineer will assist and enable product teams to follow secure development practices and own security within their product area. They will consult with development and operations teams to provide guidance and recommend secure design patterns, perform security assessments on new and existing products and services to identify security risks and establish baseline security requirements, evaluate results from Cribl’s Cloud Security Posture Management (CSPM), perform root cause analysis on AWS misconfigurations, and educate engineering teams on secure AWS patterns. Additionally, they will establish, improve, and drive security patterns and processes across Engineering to improve the security and resiliency of software and systems architecture.

Skills

AWS security

Application security assessments

Threat modeling

Secure code review

Security consulting

Secure development practices

Cloud security

On-premises security

Cribl

Data observability solutions for tech businesses

About Cribl

Cribl operates in the data observability market, helping tech businesses monitor, analyze, and visualize their data for better operational and security insights. The company offers two main products: Cribl Stream and Cribl Edge. Cribl Stream enables businesses to efficiently route and transform logs and metrics, either on their own infrastructure or through cloud services, ensuring timely data delivery. Cribl Edge focuses on collecting and processing real-time observability data from edge devices, which can then be sent to Cribl Stream or other destinations. Cribl distinguishes itself by integrating seamlessly with platforms like Office 365 and Microsoft Azure, allowing clients to enhance their data management capabilities. The company's goal is to create effective data ecosystems that empower organizations to make sense of their data.

San Francisco, CaliforniaHeadquarters

2018Year Founded

$576.3MTotal Funding

SERIES_ECompany Stage

Data & Analytics, Enterprise SoftwareIndustries

501-1,000Employees