Remote Product Security Engineer

Description:

• The Head of Product Security for the Information Security Team at Perforce is looking for a Product Security Engineer to join the team.
• As a Product Security Engineer, you will ensure the security of products throughout their lifecycle.
• You will collaborate closely with product and engineering teams to integrate security controls at every stage of the software development process.
• This role requires a hands-on approach to cultivate a culture of security within development teams, focusing on secure development, DevSecOps practices, and shift-left security principles.
• Responsibilities include maturing and implementing product security procedures aligned with the company's business objectives.
• You will conduct thorough code reviews to identify and remediate security vulnerabilities.
• Regular testing will be performed to assess the security posture of products and infrastructure.
• You will develop and maintain threat models to identify potential security risks and guide mitigation efforts.
• Fostering a culture of security awareness through education and training of developers on secure coding practices is essential.
• You will drive the adoption of automated security tools and processes to enable shift-left security practices.
• Conducting regular risk assessments and audits to ensure compliance with internal and external security standards is part of the role.
• Participation in incident response and retrospective activities is required to incorporate lessons learned into product development practices.
• Effective communication with teams, management, and clients about security concerns and best practices is crucial.
• You will assist in managing third-party risks by tracking vulnerability assessment results and ensuring effective remediation.
• Monitoring advancements in information security technologies and incorporating them into the internal environment is also part of your responsibilities.

Requirements:

• You should have between 3 - 5 years of experience in product security, QA, or software engineering, with deep expertise in secure product development.
• Experience with security assessments, security design reviews, or threat modeling is required.
• A solid understanding of security engineering, information security best practices, and DevOps is necessary.
• Excellent communication skills are essential, with the ability to influence others.
• Experience in risk assessment, threat modeling, code review, data analysis, or static code analysis is required.

Benefits:

• Perforce values team members for their contributions and introduces them to new opportunities.
• Employees are rewarded well for their work.
• The company combines the experience and rewards of a start-up with the security of an established and privately held profitable company.
• Working at Perforce allows you to collaborate with talented and dedicated people across the globe.