Product Security Engineer
Argentina
Applications have closed
ASAPP
Elevate human performance using the power of AI. Achieve breakthrough results in customer experience by empowering your agents with integrated automation.ASAPP is seeking a full-time Product Security Engineer to test and enhance the security of our complex, distributed, cloud-native microservices products. You will collaborate with fellow security engineers and the engineering organization at large, focusing on securing our applications using advanced cloud-native and custom solutions. Your primary goal will be to fortify our application security across the product lifecycle, ensuring robust protection for our innovative AI-driven solutions.
As a member of our growing security team, you will have oversight and responsibility for application security testing, threat modeling, and architecture. You will play a pivotal role in building and optimizing our cloud security infrastructure and implementing a variety of application detection and response tools. By leveraging ASAPP’s people and technology, you will ensure maximum security and contribute actively to system design reviews, fostering a strong security culture throughout our organization.
What you’ll do
- Embedded with Product Engineering, Product Managers, and Architects to ensure alignment and effective collaboration with a goal: Secure ASAPP products
- Gain domain expertise: Deep understanding of ASAPP products portfolio and can represent them from security perspective
- Understand customer data flows and data protection requirements
- Ensure adherence to security best practices for custom software, open-source software (OSS), and APIs
- Ensure security across the entire SDLC process, including CI/CD tooling automation, container security, vulnerability management, design reviews, and penetration testing
- Threat modeling product design along with product engineering team
- Collaborate with key lines of business and engineerings teams
- Act as a Security Champion
- Participate in the security incident detection and response process
What you'll need
- 5+ years of experience in securing applications on cloud-native environments and distributed systems, identifying and implementing security controls
- Background in offensive security, security testing, and security architecture
- Deep understanding of cloud-based ( AWS ) infrastructure and security technologies
- Familiar with container ecosystems ( docker, k8s, helm ), and security best practices
- Proficient in at least one high-level programming language ( Python, Goland)
- Experience designing and documenting security solutions architecture
- Strong interpersonal, verbal and writing communication skills as well as a strong sense of ownership and accountability
What we’d like to see
- B.S. in Computer Science or related field, or equivalent experience
- Experience with CI/CD tools such as GitlabCI, CircleCI among others
- Deep understanding of cloud-native solutions, concepts and good practices
- Familiar with encryption and secrets management technologies (Hashicorp Vault, AWS KMS, symmetric and asymmetric encryption)
Benefits
- Competitive compensation
- Stock options
- OSDE 410 for you and your family
- Wellness perks
- Learning & development stipend
- Mac equipment
- 3 weeks of vacation
- English lessons
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Artificial Intelligence Automation AWS CI/CD CircleCI Cloud Computer Science Docker Encryption Helm Kubernetes Machine Learning Microservices Offensive security Pentesting Product security Python SDLC Vulnerability management
Perks/benefits: Career development Competitive pay Equity / stock options Wellness
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.