Senior Product Security Engineer

hace 3 meses

Vicente López Buenos Aires, Argentina Medallia A tiempo completo

Overview:
We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole selves to work each day. The strength of our global workforce is the most significant contributor to our success.

We believe: Every Experience Matters. Talent is Everywhere. All Belong Here.

At Medallia, we hire the whole person.

**The Role and Team**

At Medallia, the Product Security team’s mission is to build customer trust in Medallia’s products by setting the standards and principles for secure development and validating our security through continuous assessment.

**Our Engineering Culture**:

- We don’t expect to be perfect, but we are always proactively seeking out ways to help ourselves and our teams to minimize pain points within our infrastructure and code base.
- We love technology and follow the latest technologies and sharing what we learn.
- We are not afraid of failing when we are experimenting with different technologies, development methodologies, and toolings.
- We build strong relationships with team members around the globe and are not afraid to challenge our team members and peers on enforcing good habits and best practices.

**Some High-level Areas We’re Investing In Include**:

- Implementing RASP(Runtime Application Self-Protection) for all Medallia products
- Scale proactive security controls to new environments (e.g. acquisitions).
- Application Security posture management[ASPM]
- API Security

**Responsibilities**:

- Assist and enable engineering teams to adopt secure development practices.
- Provide software security advice to cross-functional teams including product, engineering, and services.
- Create and refine the Security Champions Program to align with the Medallia’s security goals and objectives.
- Work closely with engineering and product teams to drive security issues to resolution.
- Develop and mature software security guidance including training materials, best practices, secure development standards,etc.
- Automate security testing at scale by building and implementing static[SAST], dynamic analysis tools[DAST], SCA, and integrating security into the software development lifecycle using CI/CD process
- Employ knowledge and deep understanding of the threat landscape, SaaS industry, and customer feedback to drive the pipeline of impactful security features

Qualifications:
Minimum Qualifications:

- 4 years of experience with software security assessments and remediation in Java (or other object-oriented languages)
- Demonstrated experience in at least two of the following areas: architecture review/threat modeling, penetration testing, and static code analysis automation
- Demonstrated experience with tools and technologies used throughout secure SDLC (e.g., Checkmarx, Fortify SCA, Coverity, AppScan Standard/Enterprise, WebInspect, Netsparker, Burp Suite, Nessus, etc.)
- Have set-up or supported bug bounty programs.
- Advocated for security within teams by clearly articulating security risks and mitigation strategies, ensuring that security considerations are prioritized in product development and operational processes
- Developed comprehensive security documentation, including threat models, security coding practices. Ensured documentation was clear, accurate, and useful for both technical and non-technical stakeholders.

Preferred Qualifications:

- 5+ years of experience with software security assessments and remediation in Java (or other object-oriented languages)
- Independent problem-solving capabilities and excellent communication skills
- Drive to take ownership of projects and drive resolution without close supervision
- Proven ability to work collaboratively across and within teams
- CISSP or CSSLP certification
- Knowledge of OSS scanning tools like Black Duck, SRC:CLR, Defensics, Snyk
- Knowledge of Node.js or any modern JS framework (such as React.js), or with native mobile developmentKnowledge of popular web development frameworks (AngularJS, React, Redux, Velocity, StringTemplate, jQuery, Jackson, THRIFT, etc.)
- Proficiency with Python, Ruby, or other scripting languages
- Knowledge of microservices architecture and containers
- Experience working in a compliance-focused environment Knowledge of FedRAMP (Federal Risk Authorization Management Program)Knowledge of FISMA (Federal Information Systems Management Act)

LI-LR1

  • Senior Network Security Operations Engineer

    hace 4 semanas

    Buenos Aires, Argentina Kapres Technology, S.L. A tiempo completo

    Desde Kapres Technology estamos buscando un Network Security Operations Engineer para trabajar con un cliente. Como Network Security Operations Engineer, desempeñará un papel fundamental para garantizar la estabilidad, integridad y seguridad de la infraestructura de red de la organización. Aprovechando su amplia experiencia y conocimientos en operaciones...

  • Senior Security Operations Engineer

    hace 3 meses

    Vicente López, Buenos Aires, Argentina Medallia A tiempo completo

    Overview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...

  • Product Security Engineer

    hace 4 semanas

    Buenos Aires, Argentina Mindbody A tiempo completo

    We're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we're...

  • Product Security Engineer Iii

    hace 3 meses

    Buenos Aires, Argentina Mindbody A tiempo completo

    We're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we're...

  • Application Security Engineer

    hace 6 meses

    Buenos Aires, Argentina VS-Staffing A tiempo completo

    **Application Security Engineer - Remote Costa Rica** Location: Remote LATAM **Role**: We are looking for an experienced Application Security Engineer to join us! As an Application Security Engineer, you will work as a part of our security engineering team, and you will collaborate with other IT professionals to ensure that user data is protected. **What...

  • [Urgente] Senior Devops Engineer

    hace 4 semanas

    Buenos Aires, Argentina Lawton Senior Living A tiempo completo

    Latch was founded in NYC a decade ago with a vision to create unparalleled experience for residents through hardware and software. Now after 100+ million unlocks, we're continuing that vision to transform how people interact act with spaces everywhere. Our mission is to unified access to spaces, services, and experiences that redefine the way we live, work,...

  • Senior Security Engineer

    hace 2 meses

    Buenos Aires, Argentina BetWarrior A tiempo completo

    **JOIN OUR TRIBE!** Do you strive for **excellence**? Do you embrace **innovation**? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent**, **safe **and **responsible **way. We are **BetWarrior** We welcome passionate warriors and are currently looking for a **Senior Security...

  • Security IAM Engineer

    hace 2 meses

    Buenos Aires, Argentina CJ Recruitment A tiempo completo

    Buenos días Red!! Tenemos nueva vacante en CJ Recruitment !!!! Estamos buscando un Security IAM Engineer Semi senior solo aplica para candidatos que vivan en Argentina! Rol 100% Remoto y pago en USD Benefits: Days off. 3 weeks of annual vacation (1 week is paid). Work equipment provided. Paid gym membership. Access to Platzi...

  • Security IAM Engineer

    hace 1 mes

    Buenos Aires, Argentina CJ Recruitment A tiempo completo

    CJ Recruitment está buscando un Security IAM Engineer Semi senior con experiencia en Identity Management y conocimientos en herramientas de Identity Governance & Lifecycle. El rol es 100% remoto y se paga en USD. Los beneficios incluyen días libres, 3 semanas de vacaciones anuales, equipo de trabajo proporcionado, membresía a la gimnasio pagada y acceso a...

  • Senior Network Security Engineer

    hace 2 semanas

    Buenos Aires, Argentina Innovate Skillsource A tiempo completo

    Network Security Engineer This is a permanent position and dedicated to the implementation of high level security projects. We are looking for an enthusiastic engineer who wants to grow and develop. Ongoing certification and training in different areas of specialisation will be available. Key Responsibilities: Manage the security in Cisco Routers,...

  • Senior Security Engineer

    hace 3 meses

    Capital Federal, Buenos Aires, Argentina Edgeuno A tiempo completo

    As a **Senior Security Engineer** at EdgeUno you will be a hands-on contributor, actively leading technical initiatives and special projects within the Cybersecurity and Developments teams. You will be responsible for integrating security into the CI/CD pipelines, designing, implementing, and auditing security controls across cloud infrastructure and...

  • Software Engineer Ii, Security Engineering

    hace 3 semanas

    Vicente López, Buenos Aires, Argentina Medallia A tiempo completo

    Overview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...

  • Senior Cloud Security Engineer

    hace 6 meses

    Buenos Aires, Argentina Track gaming Buenos Aires SA A tiempo completo

    **JOIN OUR TRIBE!** Do you strive for **excellence **? Do you embrace **innovation **? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent **, **safe **and **responsible **way. We are **BetWarrior We welcome passionate warriors and are currently looking for a **Senior Cloud...

  • Senior Cloud Security Engineer

    hace 6 meses

    Buenos Aires, Argentina BetWarrior A tiempo completo

    **JOIN OUR TRIBE!** Do you strive for **excellence**? Do you embrace **innovation**? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent**, **safe **and **responsible **way. We are **BetWarrior** We welcome passionate warriors and are currently looking for a **Senior Cloud...

  • Security Engineer

    hace 2 semanas

    Buenos Aires, Argentina Hansen Technologies A tiempo completo

    **About The Role** The Hansen IT Security Engineer reports into the Head of Global IT Security and will proactively managing rulesets and configurations of security platforms, tune alerting and reporting of security event monitoring dashboards to optimize systems and ensure they are stable and current. **About You** - You are a skilled engineer who...

  • IT Security Engineer

    hace 3 meses

    Buenos Aires, Argentina Sicpa A tiempo completo

    Req ID: 28483- Posted on: 1 Sep 2024- Location: Buenos Aires (AR01), Argentina- Department: Customer Projects Deployment & Services- Job Family: Information Technology We are looking for a highly motivated, outstanding Software Security Engineer to join our small but very dynamic team. **SOFTWARE SECURITY ENGINEER** **ROLE**: - Collaborate with...

  • Senior Site Reliability Engineer

    hace 3 meses

    Vicente López, Buenos Aires, Argentina Medallia A tiempo completo

    Overview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...

  • Information Security Engineer

    hace 6 meses

    Buenos Aires, Argentina Launchpad Technologies A tiempo completo

    Launchpad, a people-first technology company, is a leader in North America´s rapidly growing tech sector. Through two solutions, Launchpad supports its clients with digital transformation: - PaasportTM, our iPaaS solution, streamlines software integration and automates workflows. - Nearshore Staff Augmentation, our managed IT staffing service, connects top...

  • Senior Embedded Software Engineer

    hace 2 semanas

    Buenos Aires, Argentina SelektIT A tiempo completo

    Job Title: Senior Embedded Software Engineer Location: Remote/Flexible Work Status: US Citizen We're Hiring! Join our team as a Senior Embedded Software Engineer and play a pivotal role in shaping the future of hardware security! We want to meet you if you are passionate about embedded systems and have a strong background in system architecture and...

  • Network Security Engineer

    hace 2 meses

    Buenos Aires, Argentina Redeploy A tiempo completo

    ‍♀️ About Redeploy RunAt Redeploy Run, we specialize in platform engineering and operations, helping our customers simplify their infrastructure and speed up application delivery. Our mission is to make cloud adoption faster and easier. Our 'Ready-to-Run' platform products, including Technology Platforms and Industry Cloud Platforms, let IT...