Job description
Description
Responsibilities
Own and mature the product security program, including security review processes, secure development standards, risk prioritization, vulnerability remediation practices, and engineering enablement.
Lead security architecture reviews and secure design initiatives across backend services, web applications, mobile applications, APIs, and remote devices.
Review source code and application architecture to identify security vulnerabilities, insecure patterns, and operational risks.
Partner closely with Engineering, DevOps, QA, Infrastructure, and Product teams to integrate security into the software development lifecycle.
Establish and enforce secure coding standards, development guidelines, and security best practices.
Mentor and guide software engineers on secure development practices and remediation strategies.
Perform threat modeling and risk assessments for new and existing products and infrastructure.
Assist in incident response investigations, root cause analysis, and remediation planning.
Evaluate third-party libraries, frameworks, and dependencies for security and operational risks.
Collaborate with DevOps and Infrastructure teams on cloud security, CI/CD security, secrets management, and system hardening.
Drive vulnerability management efforts, including prioritization, remediation guidance, and validation.
Help define and implement logging, monitoring, and security alerting strategies.
Partner with external security consultants and vendors on penetration testing and security assessments.
Promote a security-first engineering culture across the organization.
Requirements
Bachelor's degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience.
7+ years of experience in software engineering, application security, product security, or cybersecurity engineering.
Strong understanding of secure application architecture and modern security practices for web, mobile, cloud, and distributed systems.
Hands-on experience reviewing source code and identifying security vulnerabilities.
Experience with OWASP Top 10, secure coding standards, authentication/authorization models, API security, and vulnerability remediation.
Experience securing cloud-native environments in AWS, Azure, or GCP.
Strong understanding of CI/CD pipelines, DevSecOps practices, container security, and infrastructure security.
Experience with threat modeling, penetration testing coordination, and incident response processes.
Ability to mentor engineers and influence technical direction across multiple teams.
Strong analytical, communication, and leadership skills.
Preferred Qualifications
Experience with unattended retail, IoT, edge devices, kiosks, payment systems, or embedded Linux environments.
Knowledge of PCI, security compliance frameworks, and enterprise risk management.
Experience with observability and monitoring tools such as Datadog, Splunk, Instana, or similar platforms.
Experience working with AI-assisted development tools and understanding emerging AI-related security risks.
Relevant industry certifications such as CISSP, CSSLP, OSCP, or cloud security certifications.