Senior Product Security Engineer - Secure Design and Development

The Product Security team is seeking a Senior Product Security Engineer to implement secure development practices in a fast-paced, agile development environment. You will be responsible for defining security requirements, adoption and configuration of security tooling and platforms, threat modeling and risk assessment, secure architecture reviews, secure code reviews, and security testing. Following a shift-left approach, you will partner closely with product engineering teams. A successful candidate is a self-driven security professional, able to effectively communicate with stakeholders to improve product security posture. 

Responsibilities: 

• Partner with Engineering, DevOps and SRE to integrate secure development practices in each stage of SDLC. 

• Perform threat modeling, security assessments and drive security testing for products. 

• Analyze security issues and coordinate triage, tracking and remediation of security incidents. 

• Continuously learn and stay up to date with new technologies, tooling and techniques in cloud and security.

• Provide consultation and educate developers in software security. Participate in internal security community content and activties. 

In order to be considered for this role, you must have:

• 4+ years of experience in cybersecurity or related field 

• Deep understanding and experience with secure architecture reviews, threat modeling and/or risk assessments 

• Solid understanding of DevSecOps principles and CI/CD systems 

• Understanding of security concepts including common vulnerabilities (OWASP Top 10, SANS 25), Secure development practices, and security tooling (SAST, DAST, SCA) 

• Ability to communicate and coordinate with stakeholders remotely 

• Passion to learn and grow in cybersecurity field. Ability to mentor junior team members  

The following is considered a plus: 

• Recognized industry certifications (CEH, OCSP, GIAC ...) 

• Experience with governance and security certifications (SOC2, ISO27001, FIPS) 

• Bsc./Msc. degree or equivalent formal education in cybersecurity or related fields 

Tricentis Core Values
Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviors we model that create an enjoyable and successful Tricentis life.

• Demonstrate Self-Awareness: Own your strengths and limitations.
• Finish What We Start: Do what we say we are going to do.
• Move Fast: Create momentum and efficiency.
• Run Towards Change: Challenge the status quo.
• Serve Our Customers & Communities: Create a positive experience with each interaction.
• Solve Problems Together: We win or lose as one team.
• Think Big & Believe: Set extraordinary goals and believe you can achieve them.
   

We offer:

• Competitive salary + bonus
• Favorable working atmosphere in a rapidly expanding company
• Hybrid work environment
• Personal and professional development
• Variety of career opportunities and a wide range of tasks
• Exciting office events and welfare activities. Join us for a rewarding work experience!

Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran.