Sr. Product Security Engineer (Mobile Testing)

You will work with internal development teams to review source code and pentest custom functionality built on top of our platform. In this role, you will also be responsible for interacting with customers that perform security assessments against their products instance. You will have the opportunity to assess security of 3rd party vendor applications, plan projects, and be a security advocate. A key part of this position is to effectively report issues to the application owners, provide meaningful remediation recommendations, and validate that they have been resolved.

‍

‍

• Perform software auditing services to internal teams to discover, communicate, and recommend remediation activities for software vulnerabilities.
• Provide architecture design input, evaluate threats and document risk
• Proactively research new attack vectors that may affect the platform
• Research and implement automated code security quality gates in a CI/CD life cycle
• Research security topics which are a risk to the organization
• Be an advocate for security for development teams and participate in a security champions program
• Work with third-party vendors on security testing

‍

• 5+ years prior experience in penetration testing mobile applications.
• Strong foundations in software engineering (Java preferred).
• In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10).
• Familiarity with automated dynamic scanners and proxy tools.
• An analytical mind for problem solving, abstract thought, and offensive security tactics.
• Ability to articulate complex issues to executives and customers.
• Experience working with the ServiceNow Platform a plus.
• Security certifications a plus.
• Will be working in a Federal environment requiring US Citizenship. Must be eligible for a US security clearance.

‍