Key skills
Application SecurityVulnerability ManagementThreat ModelingSecurity ToolsPenetration TestingCloud SecuritySecurity CertificationsIndustry AwarenessCommunication SkillsCollaboration SkillsContinuous LearningSDLCCI/CDCommunicationCollaboration
About this role
Eptura is a global leader transforming workplace connectivity through innovative worktech solutions. The Product Security Engineer will be responsible for building and maintaining the company's security program, collaborating with teams to protect platforms and data while managing vulnerabilities and conducting risk assessments.
Responsibilities:
- Implement and operate security technologies (SAST, DAST, SCA, API, container, and cloud security posture management)
- Support the implementation and optimization of security engineering processes and tools
- Collaborate with Development and DevOps teams to integrate security into the software development lifecycle (SDLC) and CI/CD pipelines
- Manage the application vulnerability lifecycle. Oversee the entire process of handling application vulnerabilities from receiving vulnerability reports to tracking resolution
- Assist with conducting penetration testing and vulnerability assessments; assist in identifying and remediating security issues
- Act as the main point of contact for external service providers related to vulnerability management and penetration testing, ensuring smooth communication and collaboration
- Coordinate with stakeholders to develop and implement action plans and maintain milestone tracking until completion
- Participate in threat modeling and risk assessments for business systems
- Assist with incident response activities and root cause analysis for security events
- Work closely with senior engineers, product managers, and other stakeholders to ensure security best practices are followed
- Communicate findings and recommendations effectively to technical and non-technical audiences
- Contribute to security documentation, standards, and training initiatives
- Stay current with the latest security trends, threats, and technologies
- Participate in ongoing learning and professional development in product security and cloud-native security
Requirements:
- 3-5+ years of combined experience in application or product security and other cross functional areas
- Must be a U.S. citizen, residing in the U.S. for FedRAMP security clearance requirements
- Bachelors or Master's Degree are optional but preferred
- Industry certifications are not required, but highly preferred (OSCP, CEH, GPEN, etc.)