Senior Product Security Engineer
hace 2 meses
Overview:
We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole selves to work each day. The strength of our global workforce is the most significant contributor to our success.
We believe: Every Experience Matters. Talent is Everywhere. All Belong Here.
At Medallia, we hire the whole person.
**The Role and Team**
At Medallia, the Product Security team’s mission is to build customer trust in Medallia’s products by setting the standards and principles for secure development and validating our security through continuous assessment.
**Our Engineering Culture**:
- We don’t expect to be perfect, but we are always proactively seeking out ways to help ourselves and our teams to minimize pain points within our infrastructure and code base.
- We love technology and follow the latest technologies and sharing what we learn.
- We are not afraid of failing when we are experimenting with different technologies, development methodologies, and toolings.
- We build strong relationships with team members around the globe and are not afraid to challenge our team members and peers on enforcing good habits and best practices.
**Some High-level Areas We’re Investing In Include**:
- Implementing RASP(Runtime Application Self-Protection) for all Medallia products
- Scale proactive security controls to new environments (e.g. acquisitions).
- Application Security posture management[ASPM]
- API Security
**Responsibilities**:
- Assist and enable engineering teams to adopt secure development practices.
- Provide software security advice to cross-functional teams including product, engineering, and services.
- Create and refine the Security Champions Program to align with the Medallia’s security goals and objectives.
- Work closely with engineering and product teams to drive security issues to resolution.
- Develop and mature software security guidance including training materials, best practices, secure development standards,etc.
- Automate security testing at scale by building and implementing static[SAST], dynamic analysis tools[DAST], SCA, and integrating security into the software development lifecycle using CI/CD process
- Employ knowledge and deep understanding of the threat landscape, SaaS industry, and customer feedback to drive the pipeline of impactful security features
Qualifications:
Minimum Qualifications:
- 4 years of experience with software security assessments and remediation in Java (or other object-oriented languages)
- Demonstrated experience in at least two of the following areas: architecture review/threat modeling, penetration testing, and static code analysis automation
- Demonstrated experience with tools and technologies used throughout secure SDLC (e.g., Checkmarx, Fortify SCA, Coverity, AppScan Standard/Enterprise, WebInspect, Netsparker, Burp Suite, Nessus, etc.)
- Have set-up or supported bug bounty programs.
- Advocated for security within teams by clearly articulating security risks and mitigation strategies, ensuring that security considerations are prioritized in product development and operational processes
- Developed comprehensive security documentation, including threat models, security coding practices. Ensured documentation was clear, accurate, and useful for both technical and non-technical stakeholders.
Preferred Qualifications:
- 5+ years of experience with software security assessments and remediation in Java (or other object-oriented languages)
- Independent problem-solving capabilities and excellent communication skills
- Drive to take ownership of projects and drive resolution without close supervision
- Proven ability to work collaboratively across and within teams
- CISSP or CSSLP certification
- Knowledge of OSS scanning tools like Black Duck, SRC:CLR, Defensics, Snyk
- Knowledge of Node.js or any modern JS framework (such as React.js), or with native mobile developmentKnowledge of popular web development frameworks (AngularJS, React, Redux, Velocity, StringTemplate, jQuery, Jackson, THRIFT, etc.)
- Proficiency with Python, Ruby, or other scripting languages
- Knowledge of microservices architecture and containers
- Experience working in a compliance-focused environment Knowledge of FedRAMP (Federal Risk Authorization Management Program)Knowledge of FISMA (Federal Information Systems Management Act)
LI-LR1
-
▷ (Urgente) Senior Product Security Engineer
hace 3 días
Vicente López, Argentina Medallia A tiempo completoOverview Medallia is the pioneer and market leader in Experience Management. Our award-winning SaaS platform, Medallia Experience Cloud, leads the market in the understanding and management of experience for candidates, customers, employees, patients, citizens and residents. We are more than a software company. We want to be known as a company that does...
-
Senior DevOps Engineer
hace 4 semanas
Buenos Aires, Argentina Lawton Senior Living A tiempo completoAbout the RoleLatch is seeking a highly skilled Senior DevOps Engineer to join our team. As a key member of our infrastructure team, you will be responsible for designing, implementing, and maintaining our IT infrastructure, ensuring high availability, security, and compliance.ResponsibilitiesDesign and implement IT infrastructure solutions, including...
-
Senior Security Operations Engineer
hace 2 meses
Vicente López, Buenos Aires, Argentina Medallia A tiempo completoOverview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...
-
Senior DevOps Engineer
hace 1 mes
Buenos Aires, Argentina Lawton Senior Living A tiempo completoAbout the Role:Latch is seeking a highly motivated and skilled Senior Infrastructure Engineer to become a part of our team. The successful candidate will be responsible for overseeing and managing the organization's IT infrastructure, including network systems, servers, data centers, and related technologies. You will collaborate with cross-functional teams...
-
Application Security Engineer
hace 4 meses
Buenos Aires, Argentina VS-Staffing A tiempo completo**Application Security Engineer - Remote Costa Rica** Location: Remote LATAM **Role**: We are looking for an experienced Application Security Engineer to join us! As an Application Security Engineer, you will work as a part of our security engineering team, and you will collaborate with other IT professionals to ensure that user data is protected. **What...
-
Product Security Engineer Iii
hace 2 meses
Buenos Aires, Argentina Mindbody A tiempo completoWe're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we're...
-
Security IAM Engineer
hace 3 días
Buenos Aires, Argentina CJ Recruitment A tiempo completoBuenos días Red!! Tenemos nueva vacante en CJ Recruitment !!!! Estamos buscando un Security IAM Engineer Semi senior solo aplica para candidatos que vivan en Argentina! Rol 100% Remoto y pago en USD Benefits: Days off. 3 weeks of annual vacation (1 week is paid). Work equipment provided. Paid gym membership. Access to Platzi...
-
Senior Security Engineer
hace 4 semanas
Buenos Aires, Argentina BetWarrior A tiempo completo**JOIN OUR TRIBE!** Do you strive for **excellence**? Do you embrace **innovation**? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent**, **safe **and **responsible **way. We are **BetWarrior** We welcome passionate warriors and are currently looking for a **Senior Security...
-
Senior Security Engineer
hace 3 días
Buenos Aires, Argentina BetWarrior A tiempo completoJOIN OUR TRIBE! Do you strive for excellence? Do you embrace innovation? We are here to create exceptional online entertainment experiences, offering our clients the chance to win in a transparent, safe and responsible way. We are BetWarrior We welcome passionate warriors and are currently looking for a Senior Security Engineer who will confront the most...
-
Senior Security Engineer
hace 1 mes
Capital Federal, Buenos Aires, Argentina Edgeuno A tiempo completoAs a **Senior Security Engineer** at EdgeUno you will be a hands-on contributor, actively leading technical initiatives and special projects within the Cybersecurity and Developments teams. You will be responsible for integrating security into the CI/CD pipelines, designing, implementing, and auditing security controls across cloud infrastructure and...
-
Senior Security Mobility Engineer
hace 5 días
Buenos Aires, Argentina WLG A tiempo completoWould you like to join a leading Digital Solution Company and contribute to innovative solutions that are built on a daily basis?Our client is a leading Digital Solution Company for Business IT Solutions and digital transformation. Founded in 1996, our client's company started off as an IT consulting partner for one of the most recognized brands in the...
-
Senior Cloud Security Engineer
hace 5 meses
Buenos Aires, Argentina Track gaming Buenos Aires SA A tiempo completo**JOIN OUR TRIBE!** Do you strive for **excellence **? Do you embrace **innovation **? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent **, **safe **and **responsible **way. We are **BetWarrior We welcome passionate warriors and are currently looking for a **Senior Cloud...
-
Senior Cloud Security Engineer
hace 5 meses
Buenos Aires, Argentina BetWarrior A tiempo completo**JOIN OUR TRIBE!** Do you strive for **excellence**? Do you embrace **innovation**? We are here to create **exceptional **online entertainment experiences, offering our clients the chance to win in a **transparent**, **safe **and **responsible **way. We are **BetWarrior** We welcome passionate warriors and are currently looking for a **Senior Cloud...
-
IT Security Engineer
hace 1 mes
Buenos Aires, Argentina Sicpa A tiempo completoReq ID: 28483- Posted on: 1 Sep 2024- Location: Buenos Aires (AR01), Argentina- Department: Customer Projects Deployment & Services- Job Family: Information Technology We are looking for a highly motivated, outstanding Software Security Engineer to join our small but very dynamic team. **SOFTWARE SECURITY ENGINEER** **ROLE**: - Collaborate with...
-
Senior Site Reliability Engineer
hace 2 meses
Vicente López, Buenos Aires, Argentina Medallia A tiempo completoOverview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...
-
Senior Software Engineer
hace 1 mes
Buenos Aires, Argentina Techunting A tiempo completoAbout the RoleAt Techunting, we're seeking a highly skilled Senior C++ Driver and User Mode Engineer to join our team. As a key member of our engineering team, you will play a critical role in expanding compatibility with different Windows applications and improving the security of our Venn Secure Enclave product.Key ResponsibilitiesReverse engineer...
-
Information Security Engineer
hace 5 meses
Buenos Aires, Argentina Launchpad Technologies A tiempo completoLaunchpad, a people-first technology company, is a leader in North America´s rapidly growing tech sector. Through two solutions, Launchpad supports its clients with digital transformation: - PaasportTM, our iPaaS solution, streamlines software integration and automates workflows. - Nearshore Staff Augmentation, our managed IT staffing service, connects top...
-
Senior Software Engineer
hace 2 meses
Vicente López, Buenos Aires, Argentina Medallia A tiempo completoOverview: We are more than a software company. We want to be known as a company that does the right thing, no matter the challenge or controversy. We are committed to creating a culture that values every person and every experience. Individual life experiences shape the way we interact with the world, which is why we encourage people to bring their whole...
-
Network Security Engineer
hace 5 días
Buenos Aires, Argentina Redeploy A tiempo completo♀️ About Redeploy RunAt Redeploy Run, we specialize in platform engineering and operations, helping our customers simplify their infrastructure and speed up application delivery. Our mission is to make cloud adoption faster and easier. Our 'Ready-to-Run' platform products, including Technology Platforms and Industry Cloud Platforms, let IT...
-
Security Engineer
hace 4 meses
Buenos Aires, Argentina Stensul A tiempo completo**Security Engineer**: **Mission**: Securing company assets by taking proactive measures, identifying vulnerabilities, deploying protective technologies, and responding to incidents. Collaborating with peers ensures comprehensive understanding and becoming a beacon of security best practices. Architect and deploy solutions that maintain the integrity,...