Product Security Engineer

Where you’ll work: Hungary (remote)

Security at GoTo
Everyone deserves to work in a safe and secure environment. That's why we're passionate about delivering secure, remote workforce products and services that prioritize the protection of business assets, customer data, and employee information. Our cybersecurity team builds security and privacy into everything we do, leveraging the SecDevOps methodology and fostering a culture of security and privacy. We're committed to creating products that are not only secure but also user-friendly and accessible to all. Join us and help us create a future where security meets simplicity.

Your Day to Day

As a Product Security Engineer in our Security team, you will be working on:

• Closely work with engineering teams, support and coach them with improving the security of their products and implementing secure software development measures:
  • Perform security design reviews, threat modelling, and code reviews
  • Apply and maintain security tools (SAST, SCA, DAST, CSPM, WAF)
  • Assess the risk of security findings and suggest remediation
• Extend and share your knowledge with the broader security team and the product engineering teams
  • Create guidelines for re-occurring challenges (e.g. how to configure TLS, how to create a proper CSP, how to prevent XSS)
  • Take part in and provide security technology specific security training sessions (e.g. LLM security risks, GraphQLsecurity)

What We're Looking For

As a Product Security Engineer, your background will look like:

• Experience in working closely with engineering teams and supporting them on their path to “shifting security left”
• Deep technical knowledge in (web) application security, API security, and cloud security
• Experience with Security tools: SAST, SCA, DAST, CSPM, WAF
• Experience with design reviews, threat modelling, testing, and analyzing applications
• Good written and verbal communication skills in English

At GoTo, diversity and inclusion are key to creating a thriving and dynamic work environment. Our team of GoGetters is driven to learn, explore, connect, and collaborate, valuing the unique perspectives that everyone brings to the table. We take pride in providing our employees with comprehensive benefits, wellness programs, recognition, and opportunities for learning and development worldwide. Our commitment to creating an inclusive space for everyone, regardless of gender, identity, or background, ensures that all team members can contribute to our success and thrive personally and professionally.