Senior Product Security Engineer

Job Description

Where you’ll work:  India (Remote) / Bangalore

Security at GoTo

In today’s world, “work anywhere” means “secure everywhere.” We strive to deliver secure, remote workforce products and services that ensure business assets, customer, and employee data are protected. We build security & privacy by design and default, leveraging the SecDevOps methodology and nurturing a culture that enables security and privacy in everything we do. Security, meet simplicity

Your Day to Day

As a Senior Product Security Engineer, you would be working on:

• Conduct security architecture reviews for new and existing products.

• Collaborate with engineering teams to implement secure-by-design principles.

• Perform comprehensive threat modeling and security reviews to identify and mitigate security risks early in the development process.

• Develop and enforce secure coding standards and practices.

• Provide security-focused code reviews for critical components.

• Monitor emerging security vulnerabilities and ensure remediation.

• Work closely with DevOps and engineering teams to integrate security practices.

• Mentor junior engineers, promoting a culture of security-first thinking.

• Ensure product compliance with relevant standards (e.g., GDPR, ISO 27001, SOC 2).

• Stay current with security trends, technologies, and best practices.

• Identify and implement new technologies to enhance the security posture of GoTo products.

What We’re Looking For

As a Senior Product Security Engineer, your background will look like:

• 5+ years of professional, hand-on application and/or product security work experience; preferably in a SaaS product company of similar scale and scope 

• Comprehensive understanding of software development lifecycle models as well as secure coding techniques 

• Familiarity with CI/CD pipelines and cloud security principles (e.g., AWS, Azure, or GCP or Oracle)

• Knowledge of techniques, standards, and state of the art capabilities for security automation, (e.g., SAST, DAST, SCA, IAST, EDR, NGFW, WAF) 

• A mix of relevant certifications in key areas would be helpful (but not required): CISSP, CCSP, CSSLP, CISM, CIPP, AWS Certified Security Specialist, Azure Security, AWS Certified Solutions Architect, SANS GIAC, etc.

• Experience with eCommerce systems and/or Data warehousing is a plus.

You’ll be working towards a shared goal with an open-minded and cohesive team greater than the sum of its parts. At GoTo, we’re passionate about growing a diverse and inclusive work ecosystem because unique takes make us a stronger company, and Stronger Together. We’re committed to creating an inclusive space for everyone, no matter what. That’s how we’ll Be Real, Think Big, Move Fast, and Keep Growing along the way. Learn more.