Staff Product Security Engineer

1 week, 3 days ago
Full-time
Lead
Cybersecurity
Databricks

Databricks is the pioneering data intelligence platform, empowering organizations worldwide to solve complex data challenges with AI-driven analytics solutions.

IT Services
1K-5K
Founded 2013
$4450M raised

Description

  • Provide full SDLC security support for new product features developed across engineering and non-engineering teams.
  • Perform threat modeling, security design reviews, manual code reviews, exploit writing, and exploit chain creation.
  • Support Incident Response and Vulnerability Response efforts when product security incidents or vulnerability reports arise.
  • Review SAST findings to identify false positives and file defects for real issues.
  • Work on DAST tools and related automation for auto-assessment and defect filing.
  • Maintain and extend the automation framework to support additional security compliance needs such as FedRAMP, PCI, and HIPAA.
  • Apply risk-based judgment when prioritizing security issues and recommendations.
  • Help develop and implement security processes that improve product security team productivity and SDLC effectiveness.

Requirements

  • 3-10 years of experience with threat modeling and identifying design issues from data-flow block diagrams.
  • Strong understanding of at least two of the following domains: Web Security, Cloud Security, Systems Security, and Applied Cryptography.
  • Proficiency in one or more programming languages, including Python, Java, Scala, or JavaScript.
  • Ability to read code and identify security defects.
  • Strong scripting and automation skills for exploit development.
  • Exploit writing experience is strongly preferred and highly valued.
  • Fuzzing skills are a plus.
  • Experience working with global, distributed teams across multiple regions is implied by the role context.

Benefits

  • Remote work available anywhere in the United States.
  • Base salary range of $190,000-$261,250 for Zone 1, $171,000-$235,200 for Zone 2, $161,500-$222,100 for Zone 3, or $152,000-$209,000 for Zone 4.
  • Eligibility for an annual performance bonus.
  • Equity may be included in the total compensation package.
  • Comprehensive employee benefits and perks are offered, with details varying by region.
