What you will be doing:
- Implement and maintain DevSecOps tools, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), and secret scanning.
- Execute and refine security testing protocols, including penetration testing, Dynamic Application Security Testing (DAST), API security testing, web testing, and mobile testing.
- Automate high-fidelity end-to-end (E2E) testing for all API changes before production deployment. Integrate with existing engineering processes.
- Lead the Product Security Incident Response Teams (PSIRT) playbook, mature detection and response rules, and actively neutralize product security threats (such as Account Takeover, API abuse, etc.).
- Lead and execute threat modeling exercises across varying scopes of the organization. Identify security gaps and control recommendations, including client and server-side controls.
- Design, review, and manage security controls, including user registration, authentication/authorization, password management, account takeover protection, and application layer threat detection. Enhance security tool accuracy and oversee vendor/open-source proof-of-concepts (PoVs).
- Evangelize and promote standardized application logging practices across the organization.
- Evaluate and provide strategic guidance on mitigating security risks efficiently.
- Contribute to various aspects of the Information Security Program, including data privacy, penetration testing, audit evidence production, security awareness training, and enterprise risk management.
- Guide engineers at all levels in designing and integrating security aspects into Greenlight’s products, services, and software development lifecycle (SDLC). Evangelize security culture through a security champion program and technical developer-focused security training.
What you bring:
- 10+ years of experience in application and product security with a strong software engineering foundation.
- Expert understanding of mobile, web, cloud, container, and cryptographic technologies and security practices.
- Offensive-security minded, with in-depth knowledge of current and emerging cyber threats, testing procedures, and their mitigations.
- The ability to quickly and deeply learn new technology stacks and modern CI/CD pipelines, including Docker, Kubernetes, AWS, Kotlin, Node.js, Android, iOS, Swift, and gRPC.
- Strong independent critical thinking with the capability to form and defend opinions through knowledge sharing.
- Skillful in assessing and managing security risks with a pragmatic solution-first approach.
- Commitment to continuous improvement, ongoing education and knowledge sharing with peers.
- A humble, collaborative, and supportive approach to teamwork.
- Relevant certifications (e.g., OSCP, OSWE, GWAPT, GMOB, CISSP) are a plus.