5–9 years of experience in application security or product security roles., Proficient in web application security and secure coding practices., Hands-on experience with security tools and securing cloud environments., Strong understanding of compliance standards like SOC 2 and ISO 27001..
Key responsibilities:
Integrate security into the software development lifecycle (SDLC) and CI/CD pipelines.
Conduct threat assessments and define mitigation strategies for new features.
Perform application security audits and vulnerability assessments.
Collaborate with development teams to promote secure coding practices.
Report This Job
Help us maintain the quality of our job listings. If you find any issues with this job post, please let us know.
Select the reason you're reporting this job:
Automating Information Security Compliances & Privacy Laws for fast growing SaaS companies.
Use Sprinto to obtain information security compliance, close enterprise deals faster, and pass vendor security assessments easily.
Sprinto is a leading platform that automates information security compliance. By raising the bar on information security, Sprinto ensures compliance, healthy operational practices, and the ability for businesses to grow and scale with unwavering confidence. We are a team of 300+ employees & helping 2500+ Customers across 75+ Countries. We are funded by top investment partners Accel, Elevation, and Blume Ventures and have raised 31.8 million USD in funding, including our latest Series B round.
The Role
We are looking for a Product Security Engineer to lead efforts in securing our products. This role involves integrating security into the SDLC, conducting threat assessments, and collaborating with engineering teams to ensure secure design and coding practices. You will also manage vulnerability remediation, ensure compliance, and educate teams on security best practices
What you will do
Secure SDLC Integration: Embed security into CI/CD pipelines and secure coding practices across development teams.
Threat Modeling & Risk Assessments: Perform threat assessments and define mitigation strategies for new features.
Application Security Audits: Conduct security reviews and vulnerability assessments for applications.
Security Design Reviews: Provide feedback on product designs to ensure security is built in from the start.
Vulnerability Management: Oversee vulnerability identification, prioritization, and remediation workflows.
Cross-Functional Collaboration: Work closely with development teams to promote secure coding and operational practices.
What We’re Looking For
5–9 years in application security, product security, or related roles.
Proficient in web application security (OWASP Top 10), secure coding practices, and vulnerability remediation.
Hands-on experience with security tools (SAST/DAST) and securing cloud environments.
Familiar with cloud security (AWS, Azure) and container security (Docker, Kubernetes).
Strong understanding of compliance standards like SOC 2, ISO 27001, and GDPR..
Benefits
Remote First Policy.
5 Days Working With FLEXI Hours.
Group Medical Insurance (Parents, Spouse, Children).
Group Accident Cover.
Company Sponsored Device.
Education Reimbursement Policy.
Required profile
Experience
Spoken language(s):
English
Check out the description to know which languages are mandatory.