Remote Senior Product Security Engineer-I

Description:

• The Senior Product Security Engineer-I role can be performed remotely from anywhere in India.
• Application Security SREs at Sumo Logic collaborate with development teams and the Security Operations Center (SOC) to ensure product security and compliance.
• Responsibilities include ensuring engineering teams develop secure applications by applying secure coding best practices for cloud applications and creating training and procedural materials.
• The role involves performing security reviews and penetration tests during design and implementation stages, proposing solutions for any identified security deficiencies.
• The engineer will lead teams in threat modeling exercises to evaluate technical designs.
• The position requires leveraging Sumo’s products and third-party tools to enhance security and implement a "defense in depth" strategy within the software development lifecycle.
• The engineer will integrate and implement solutions to improve Sumo Logic's security posture.
• Participation in security research, investigations, platform hardening, and audits is expected.
• The role includes driving continual improvement and operational excellence for security tools.
• The engineer will also participate in on-call duties to provide coverage for security and platform components.

Requirements:

• A B.S. or M.S. in Computer Sciences or a related discipline is required.
• A passion for security is essential, with an understanding of software security vulnerabilities and best practices to defend against attackers using industry standards and frameworks.
• An operations mindset is necessary, with knowledge of leveraging encryption, key management, monitoring, alerting, and automation to secure systems at scale while ensuring uptime.
• Candidates should have 4-6 years of professional experience in applied software security roles.
• Strong knowledge of OWASP top 10 security vulnerabilities, the ability to identify security flaws in software, assess their impact, and propose solutions for developers is required.
• Experience with cloud security tools as part of software architecture is necessary.
• Operational expertise in high-scale, reliable 24/7, multi-tenant SaaS environments is required.
• Strong coding and debugging skills are essential, with Scala experience being highly beneficial.
• Security certifications, experience in bug bounty programs or Capture The Flag (CTF) events, reported CVEs, and familiarity with compliance frameworks and audits are all considered pluses.

Benefits:

• The position offers the flexibility of remote work from anywhere in India.
• Employees will have the opportunity to work with cutting-edge technology in a dynamic and innovative environment.
• The role provides a chance to contribute to the security and compliance of cloud-native applications.
• Employees will be part of a team that values continual improvement and operational excellence in security practices.
• Sumo Logic offers a collaborative work culture that empowers individuals to make impactful contributions to modern digital business.