Product Security Engineer

Description

EGNYTE YOUR CAREER. SPARK YOUR PASSION.

Egnyte is a place where we spark opportunities for amazing people. We believe that every role has a great impact, and every Egnyter should be respected. When joining Egnyte, you’re not just landing a new career, you become part of a team of Egnyters that are doers, thinkers, and collaborators who embrace and live by our values:

• Invested Relationships
• Fiscal Prudence
• Candid Conversations

ABOUT EGNYTE

Egnyte is the secure multi-cloud platform for content security and governance that enables organizations to better protect and collaborate on their most valuable content. Established in 2008, Egnyte has democratized cloud content security for more than 22,000 organizations, helping customers improve data security, maintain compliance, prevent and detect ransomware threats, and boost employee productivity on any app, any cloud, anywhere. For more information, visit www.egnyte.com

.

Currently, we’re seeking an engineer who’s well-rounded in terms of application security and has in-depth expertise in application security, security architecture and/or penetration testing. Joining Egnyte, you will be able to apply your skills to interesting challenges, work with diverse technologies, and large-scale software.

Product Security engineers at Egnyte are involved in every stage of the SDLC to highlight security concerns and provide expert advice on addressing them. By promoting security principles, ongoing penetration testing, and developing “paved roads,” we’re able to provide our customers with a secure and reliable product.

To excel at this role, you need to be passionate about DevSecOps, as it’s something we’re genuinely committed to at Egnyte. Knowledge about cloud platform security practices and interest in developing security tooling are important as well. You will have a chance to develop security-oriented tools and processes from conception to completion.

WHAT YOU’LL DO:

• Partner with engineering and product teams, providing expertise and advice regarding secure design, implementation, and best practices.
• Responsible for threat modeling, security reviews, and penetration testing of web, mobile, and desktop applications, identifying vulnerabilities and seeking effective remediation opportunities.
• Maintain high ownership, embrace a proactive and constructive approach for effective problem-solving.
• Integrate security into the Software Development Life Cycle.
• Validate and assess issues reported through our bug bounty programs.
• Develop tools, documentation, processes, and techniques to ensure the security of our software.
• Maintain consistently high standards of communication, productivity, and teamwork across all teams.
• Share knowledge, mentor and train other team members to foster a culture of excellence and security awareness in software engineering.

YOUR QUALIFICATIONS:

• 3+ years of application security experience, DevSecOPS/Automation background preferred
• Proven experience in implementing Secure-SDLC
• Hands-on experience in conducting code and architecture security reviews, penetration tests and thread modeling
• In-depth knowledge of OWASP guidelines & standards (ASVS, MASVS, WSTG, and related)
• Solid knowledge of security testing tools and techniques
• Familiarity with concepts like Identity, Data protection, Monitoring, and IR in the cloud services space
• Ability to create and deploy your own tools and automation (preferably in Python)
• Being a strong communicator who is comfortable working cross-functionally.
• Strong sense of ownership and ability to work in long-term projects and initiatives.
• English level: C1

BONUS SKILLS:

• Experience as a Software Engineer or Architect (preferably in Java, Go or Python)
• AI Security experience
• Cloud security experience (preferably in GCP and/or MS Azure)

BENEFITS:

• Attractive salary package based on skillset
• Your own Egnyte account with lifetime access to 50TB of cloud storage
• MyBenefit: you can choose a MultiSport card or gift cards every month
• Modern Health platform access - dedicated tool for mental health services
• Private medical healthcare
• In-house English classes

COMMITMENT TO DIVERSITY, EQUITY, AND INCLUSION:

At Egnyte, we celebrate our differences and thrive on our diversity for our employees, our products, our customers, our investors, and our communities. Egnyters are encouraged to bring their whole selves to work and to appreciate the many differences that collectively make Egnyte a higher-performing company and a great place to be.