Product Security Engineer
Bangalore
ASAPP
Elevate human performance using the power of AI. Achieve breakthrough results in customer experience by empowering your agents with integrated automation.ASAPP is seeking a full-time Product Security Engineer to test and enhance the security of our complex, distributed, cloud-native microservices products. You will collaborate with fellow security engineers and the engineering organization at large, focusing on securing our applications using advanced cloud-native and custom solutions. Your primary goal will be to fortify our application security across the product lifecycle, ensuring robust protection for our innovative AI-driven solutions.
As a member of our growing security team, you will have oversight and responsibility for application security testing, threat modeling, and architecture. You will play a pivotal role in building and optimizing our cloud security infrastructure and implementing a variety of application detection and response tools. By leveraging ASAPP’s people and technology, you will ensure maximum security and contribute actively to system design reviews, fostering a strong security culture throughout our organization.
What you’ll do
- Embedded with Product Engineering, Product Managers, and Architects to ensure alignment and effective collaboration with a goal: Secure ASAPP products
- Gain domain expertise: Deep understanding of ASAPP products portfolio and can represent them from security perspective
- Understand customer data flows and data protection requirements
- Ensure adherence to security best practices for custom software, open-source software (OSS), and APIs
- Ensure security across the entire SDLC process, including CI/CD tooling automation, container security, vulnerability management, design reviews, and penetration testing
- Threat modeling product design along with product engineering team
- Collaborate with key lines of business and engineerings teams
- Act as a Security Champion
- Participate in the security incident detection and response process
What you'll need
- 5+ years of experience in securing applications on cloud-native environments and distributed systems, identifying and implementing security controls
- Background in offensive security, security testing, and security architecture
- Deep understanding of cloud-based ( AWS ) infrastructure and security technologies
- Familiar with container ecosystems ( docker, k8s, helm ), and security best practices
- Proficient in at least one high-level programming language ( Python, Goland)
- Experience designing and documenting security solutions architecture
- Strong interpersonal, verbal and writing communication skills as well as a strong sense of ownership and accountability
What we’d like to see
- B.S. in Computer Science or related field, or equivalent experience
- Experience with CI/CD tools such as GitlabCI, CircleCI among others
- Deep understanding of cloud-native solutions, concepts and good practices
- Familiar with encryption and secrets management technologies (Hashicorp Vault, AWS KMS, symmetric and asymmetric encryption)
Benefits
- Competitive compensation
- Stock options
- Insurance
- Free Lunch and Dinner
- Connectivity (mobile phone & internet) stipend
- Wellness perks
- Mac equipment
- Learning & development stipend
- Parental leave, including 6 weeks paternity leave
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Artificial Intelligence Automation AWS CI/CD CircleCI Cloud Computer Science Docker Encryption Helm Kubernetes Machine Learning Microservices Offensive security Pentesting Product security Python SDLC Vulnerability management
Perks/benefits: Career development Competitive pay Equity / stock options Insurance Parental leave Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.