Lead Product Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Key Responsibilities
Lead red team operations focused on product security including application-layer attacks business logic abuse and adversary simulations targeting customer-facing products.
Develop and execute offensive testing strategies (web API native apps SaaS cloud integrations and enterprise products).
Develop and execute custom attack scenarios including phishing social engineering and lateral movement campaigns to test organizational defenses.
Identify security weaknesses in architecture design and implementation of product features.
Mentor and guide other red team engineers driving technical excellence and advancing offensive security capabilities within the product security organization.
Partner with security response (PSIRT) and SRE teams on vulnerability impact assessment exploitation proof-of-concepts and attack surface reduction.
Contribute to automation of offensive security testing methodologies and continuous validation of product defenses.
Stay ahead of the curve on emerging TTPs exploitation techniques zero-days and adversarial tradecraft and apply those insights to products.
Required Qualifications
Bachelors degree in Computer Science Information Security Engineering or equivalent experience
More than 9 years of experience in the security industry preferably 5 years in offensive security penetration testing or red teaming
Deep expertise in application and product security including web technologies APIs cloud-native architectures and mobile platforms.
Strong background in exploit development reverse engineering and vulnerability research
Proficiency with offensive security tooling and frameworks (e.g. Burp Suite Cobalt Strike Metasploit custom tooling)
Experience performing advanced attacks such as logic flaws authentication bypass authorization escalation and supply chain abuse
Familiarity with developer workflows CI/CD pipelines and secure development practices
Familiarity with advanced persistent threat (APT) tactics techniques and procedures (TTPs)
Strong scripting/programming skills (Python Go JavaScript or similar)
Excellent communication skills with the ability to translate technical findings into business impact for engineering and product stakeholders
Preferred Qualifications
Prior experience engaging with products at enterprise scale (SaaS cloud platforms financial systems or critical infrastructure software).
Any one of these Certifications: CCRT(S) OSEP GPEN OSCP SANS SEC565
Experience leading cross-functional security initiatives with product and engineering teams.
Contributions to the security community in the form of research CVEs exploit development tools or publications.
Track record of participation in Capture The Flag events
Working knowledge to execute end-to-end adversary emulation attacks
About Us:
Cloud Software Group is one of the worlds largest cloud solution providers serving more than 100 million users around the globe. When you join Cloud Software Group you are making a difference for real people each of whom count on our suite of cloud-based products to get work done from anywhere. Members of our team will tell you that we value passion for technology and the courage to take risks. Everyone is empowered to learn dream and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud.
Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age race color creed sex or gender sexual orientation gender identity gender expression ethnicity national origin ancestry citizenship religion genetic carrier status disability pregnancy childbirth or related medical conditions (including lactation status) marital status military service protected veteran status political activity or affiliation taking or requesting statutorily protected leave and other protected classifications.
If you need a reasonable accommodation due to a disability during any part of the application process please contact us via the Bridge portal for assistance.
Required Experience:
IC
Key Skills
- APQP
- Six Sigma
- GD&T
- Root cause Analysis
- CAD
- Project Leadership
- SolidWorks
- Mechanical Engineering
- Quality Management
- Product Development
- Catia
- Manufacturing
About Company
Cloud Software Group is a leading provider of enterprise infrastructure software solutions encompassing virtualization, integration, data management, automation, business intelligence, collaboration, networking and security. The company is comprised of six best-in-class enterprise sof ... View more
