Product Security Engineer

Sinch, the Customer Communications Cloud, powers meaningful conversations at scale across messaging, voice, and email to help businesses deliver unified, personalized experiences that truly revolve around their customers — no matter the channels they use. Over 150,000 businesses, including 8 of the 10 largest tech companies in the world, rely on us for their customer communication needs, with over 700 billion customer engagements each year.

We are seeking a Product Security Engineer to join our global team. In this role you will be responsible for ensuring we are building the most secure products possible. We are looking for someone who has experience with software development and would like to take the next step and specialise in application security. You will be learning to use application security testing tools and will be working closely with team members across engineering and product to help shift security to the left.

Key responsibilities:

• Working with software engineering teams to ensure standard methodologies are followed in constructing application code.
• Creating application threat models and validating that the appropriate security controls are properly implemented.
• Monitor application security scanning systems output to help identify and remediate issues in applications.
• Planning and coordinating Application Development Security training including advising and training development teams on secure coding practices.
• Explain the nature of software vulnerabilities and options to remediate those vulnerabilities.
• Occasionally work directly with customers.

The successful candidate will possess the following skills and attributes:

• Solid experience constructing web application software with modern software languages such as Java, C#, Python, Javascript, and Golang.
• Experience in an application security role is highly desirable.
• Knowledge in building application threat models, threat assessments, and providing compensating security controls for those threats.
• Experience in working with RDBMS such as MySQL, MS SQL Server, DB2, Oracle and PostgreSQL as well as experience working with NoSQL databases such as MongoDB.
• Excellent understanding of the OWASP Top 10 web application security risks.
• Excellent communication, innovation, critical thinking, problem-solving, planning, prioritisation, project management, collaboration and organisation skills.
• Conflict management and resolution skills.
• Solid experience with techniques, standards and methods for authentication and authorisation, applied cryptography, security vulnerabilities and remediation.
• Knowledge of Source Code Management systems such as Github or Gitlab.
• Occasional experience working directly with customers.
• Experience using SAST/DAST/SCA application security tooling
• Experience using SAST/DAST/SCA application security tooling is highly desirable
• Experience in the telecommunications industry is beneficial
• Experience performing application security assessments using Burpsuite Pro and other application security testing tools is highly regarded
• Experience with public clouds such as AWS, GCP, and Azure and cloud security frameworks such as AWS Well-Architected is preferred

We dream big — for our company, our customers, and our employees — and we hire the best talent worldwide to help us bring our vision to life. We have a local presence in more than 60 countries — probably somewhere near you!

We are committed to building an engaged and talented workforce that represents an environment that is inclusive, supports flexibility and welcomes diversity.

Our values of Dream Big, Win Together, Keep it simple and Make it Happen are the foundation for fostering an environment where diversity of thinking, skills and experiences are embraced, delivering innovation and better business results.

We value our team by offering:

• WHERE YOU WORK MATTERS: We understand the benefit of a flexible schedule where you can best impact both your personal and work life, so we offer a hybrid working arrangement, work from home set up reimbursement and a global mobility policy.
• PUT FAMILY FIRST: We know that building a family take priority, therefore we offer a generous parental leave program: 26 weeks salary for primary care giver and 4 weeks salary for secondary care giver
• CELEBRATE YOURESELF: By providing a day off for your birthday, we want you to take the time to celebrate the year you’ve had with your nearest and dearest.
• TAKE A BREAK: Enjoy a generous annual leave program. We value balance and understand that performance at work requires time to rest at home and/or rejuvenate on vacation.
• STAY HEALTHY: Physical wellness supports mental wellness, so we offer a monthly fitness reimbursement allowance and other wellness programs
• TAKE THE NEXT STEP: Coaching and career development support, including access to a range of online professional development courses
• CARE FOR YOURSELF: Take advantage of our free virtual counselling resources through our global Employee Assistance Program. Your mental health is as important as your physical health.
• MAKE AN IMPACT: Support betterment in your community and beyond by taking paid time off to support a volunteer program of your choice.
• TREAT YOURSELF: Access to Reward+ program that offers a wide range of discounts and deals across retail, entertainment and much more.

If you are looking for the next opportunity in your career and want to work for a people focused, growing tech company, then Apply Now.