Logo for SRM Technologies

Application Security - Design Reviews Threat Modelling

Role overview

Qualifications

  • Available to work until 11:00AM Pacific Standard Time (PST)
  • 5+ years of experience in Application Security, Product Security, or a related field
  • Strong understanding of common application security vulnerabilities (OWASP Top 10, API Security, etc.)
  • Experience participating in security reviews, threat modeling exercises, or application security assessments

Responsibilities

  • Participate in security design reviews and threat modeling exercises for new products
  • Partner with engineering teams to identify security risks and recommend practical mitigations
  • Serve as a security consultant for product and engineering teams
  • Review application and system architectures to identify security risks and recommend secure design patterns

Key facts

  • Remote from: Anywhere
  • Full time
  • Senior (5-10 years)
  • English

Other skills

  • Communication
  • Problem Solving

About the company

SRM Technologies logo

SRM Technologies

IT Services & IT Consulting

SRM Technologies is a global IT services company specialising in automotive technologies, digital transformation and product engineering services. We provide technology consulting, platform development, data analytics, artificial intelligence, cloud enablement, digital infrastructure, quality assurance, embedded software and design to manufacturing product solutions to various industries and enterprises across the USA, Japan and India. At the heart of our organization are passionate employees who embody our core belief - 'ideas@work.' We firmly believe that ideas and innovation truly matter only when they create a meaningful impact on our customers' businesses and the lives of their end customers. Therefore, we prioritize the practical application of these ideas and their transformative impact through our talented and ever-growing workforce. 𝘚𝘙𝘔 𝘛𝘦𝘤𝘩 𝘪𝘴 𝘢 𝘱𝘳𝘰𝘶𝘥 𝘮𝘦𝘮𝘣𝘦𝘳 𝘰𝘧 𝘵𝘩𝘦 𝘚𝘙𝘔 𝘎𝘳𝘰𝘶𝘱, 𝘢 𝘮𝘶𝘭𝘵𝘪𝘯𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘤𝘰𝘯𝘨𝘭𝘰𝘮𝘦𝘳𝘢𝘵𝘦 𝘸𝘪𝘵𝘩 𝘢 𝘳𝘪𝘤𝘩 𝘩𝘪𝘴𝘵𝘰𝘳𝘺 𝘴𝘱𝘢𝘯𝘯𝘪𝘯𝘨 𝘰𝘷𝘦𝘳 𝘧𝘰𝘶𝘳 𝘥𝘦𝘤𝘢𝘥𝘦𝘴. 𝘛𝘩𝘦 𝘚𝘙𝘔 𝘎𝘳𝘰𝘶𝘱 𝘰𝘱𝘦𝘳𝘢𝘵𝘦𝘴 𝘪𝘯 𝘥𝘪𝘷𝘦𝘳𝘴𝘦 𝘴𝘦𝘤𝘵𝘰𝘳𝘴, 𝘪𝘯𝘤𝘭𝘶𝘥𝘪𝘯𝘨 𝘌𝘥𝘶𝘤𝘢𝘵𝘪𝘰𝘯, 𝘛𝘦𝘤𝘩𝘯𝘰𝘭𝘰𝘨𝘺, 𝘏𝘦𝘢𝘭𝘵𝘩𝘤𝘢𝘳𝘦, 𝘢𝘯𝘥 𝘔𝘦𝘥𝘪𝘢.

Company details

Company typeLarge
IndustryIT Services & IT Consulting
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

This is a remote position.

As part of the Product Security Architecture team, you'll help reduce security risk across Dropbox by partnering with engineering and product teams throughout the software development lifecycle (SDLC).

 Our team focuses on security threat modeling, and consulting. We work closely with product and infrastructure teams to identify security risks early in the design process, provide practical security guidance, and help teams build secure systems. We also develop tooling, documentation, and automation that improve the efficiency and scalability of security reviews across Dropbox.

This role is ideal for a security engineer who enjoys solving technical problems, collaborating with engineers, and helping teams make informed security decisions.

Responsibilities

  • Participate in security design reviews and threat modeling exercises for new products, services, and platform capabilities.
  • Partner with engineering teams to identify security risks and recommend practical mitigations during the design and development process.
  • Serve as a security consultant for product and engineering teams, answering security questions and providing guidance on secure implementation patterns.
  • Review application and system architectures, technical designs, data flows, and deployment models to identify security risks and recommend secure design patterns
  • Partner with engineering teams developing AI and machine learning features to identify emerging security risks and recommend secure implementation patterns.
  • Help maintain and improve security standards, guidance, reference architectures, and internal documentation.
  • Develop or enhance tooling and automation that improve the efficiency of threat modeling, security reviews, and risk assessment processes.
  • Collaborate with other Product Security engineers to perform application security assessments and investigate security concerns identified during development.
  • Contribute to developer education efforts through documentation, office hours, workshops, or security awareness initiatives.
  • Support security incident investigations and root cause analysis when application security issues are discovered.

Requirements

Required Qualifications

  • Available to work until 11:00AM Pacific Standard Time (PST).
  • 5+ years of experience in Application Security, Product Security, or a related field.
  • Strong understanding of common application security vulnerabilities (OWASP Top 10, API Security, authentication, authorization, secrets management, cryptography, etc.).
  • Experience participating in security reviews, threat modeling exercises, architecture discussions, or application security assessments.
  • Strong technical writing skills and experience creating documentation and guidelines.
  • Strong communication skills and ability to explain security concepts to engineers with varying levels of security expertise.
  • Experience working collaboratively with software engineering teams to identify and address security risks.
  • Familiarity with cloud platforms and modern application architectures (AWS preferred).
  • Ability to assess risk, prioritize issues, and provide practical security recommendations.
  • Experience reading and understanding source code in one or more modern programming languages.
  • Experience building scripts, tools, or automation to improve engineering or security workflows.

 



Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Related jobs

Other jobs at SRM Technologies

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.