ExtraHop
Senior Product Security Engineer with experience in modern software development practices and securing web applications, APIs, and software systems.
Anaplan
Senior IT Systems Engineer for MacOS management, Microsoft 365 support, and automation of repetitive tasks.
Skedda
Join Skedda as a full-time remote software developer and contribute to the company's mission to empower organizations to bring workspaces to life. Collaborate with cross-functional teams, leverage expertise to improve the GTM stack, and implement new projects across the GTM stack.
Emburse
Senior Software Engineer I (JavaScript) at Emburse: Contribute to system solutions with 6+ years of experience and expertise in programming languages like Python, Java, or JavaScript.
CoinsPaid
Product Manager for Core Cryptogate product at CoinsPaid, leading development of blockchain-gate interface, prioritizing requests, balancing competing needs, and making data-driven decisions.
OpenTable
Senior Product Manager for Restaurant Platform Team at OpenTable, developing functionality within the platform and driving product strategy.
Sanity io
Senior Solutions Engineer at Sanity.io: champion structured content, educate on technical aspects, and represent capabilities in product demos
Hightouch
Join Hightouch as an Enterprise Solutions Engineer to help companies activate their data for marketing personalization and operations. Collaborate with technical and non-technical stakeholders to solve customer problems using your expertise in data solutions.
Gitlab
Build and enhance GitLab's Organizations feature, collaborate with cross-functional teams, and contribute to a scalable platform while working remotely with comprehensive benefits.
Apollo
Develop next-generation GraphQL infrastructure with Apollo, leading teams in building scalable solutions using Rust, TypeScript, and Kotlin. Collaborate across functions to deliver innovative tools for organizations worldwide.
CloudWalk
Lead front-end development at CloudWalk, mentoring teams and implementing modern tools like React.js and Next.js while leveraging AI-powered tools for enhanced productivity.
Horizons
Senior Front-End Engineer at Horizons: Improve user experience, modularize code, and lead the redesign of Horizons main front-end application.
Emburse
Senior Software Engineer in Test at Emburse: Collaborate on system solutions, design tests, and automate quality assurance processes.
Mercury
Frontend engineer to improve React components, guide next-gen engineers, and foster enthusiasm for frontend work at Mercury
Wasabi Technologies
Senior Machine Learning Engineer for AI/ML product Wasabi AiR, driving advancements in AI, computer vision, and NLP, with a focus on scalability and reliability.
Postscript
Architect scalable backend systems using Go and Python at Postscript's Flow Builder team, leading API development and mentoring engineers in a fast-growing environment.
Phantom
Full-stack engineer at Phantom developing APIs and user interfaces for a self-custodial wallet with a focus on security, innovation, and user experience.
Buynomics
Senior Full Stack Software Engineer for SaaS platform with ReactJS, TypeScript, NodeJS, and NestJS expertise
Orum
Senior Full Stack Software Engineer at Orum - $165k-$190k/year
Aleph
Join Aleph as an AI-focused Software Engineer to integrate cutting-edge AI technologies into our FP&A platform, working with LLMs and generative models to drive innovation in financial planning tools.
ExtraHop
ExtraHop is seeking a Senior Product Security Engineer with experience in modern software development practices to build and operate product security program capabilities, tools, and processes. The ideal candidate will have a mix of software development and application security experience, enjoy working in a collaborative environment, and be familiar with securing web applications, APIs, and software systems. Key responsibilities include defining standards for secure development, performing threat modeling, and implementing vulnerability scanning tools. The position requires 8+ years of experience in security engineering, application security, and software development, as well as knowledge of cloud-based technologies such as AWS and container environments like Kubernetes and Docker. ExtraHop offers a competitive salary range of $136,600 - $180,000 per year, plus bonus and benefits.
Position Summary
Do you enjoy the challenge of securing complex systems? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Senior Product Security Engineer, experienced with modern software development practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success.
We're looking for candidates with a mix of software development and application security experience, who enjoy working in a collaborative environment and taking direct action to identify, remediate and prevent vulnerabilities and security issues.
You must have experience with securing web applications, APIs and software systems, working with public cloud infrastructure, and be familiar with container technologies.
Key Responsibilities
Define standards for secure development and configuration of application and infrastructure components; and coordinate with other teams to ensure compliance with those standards
Perform threat modeling, security design reviews, code reviews, and security consultations with software and systems engineers
Implement, manage and improve vulnerability scanning tools (including SAST, DAST, SCA, and application fuzzing), configuration auditing and other security assessment tools
Build and improve vulnerability management processes and tooling to support system owners to successfully
Conduct manual pen testing of new features + existing systems; lead red team exercises
Coordinate third party pentesting and bug bounty programs
Triage vulnerability findings, evaluate risk, recommend effective remediation actions
Develop and deliver training on secure development standards and process
Contribute to disaster recovery and contingency planning
Perform and/or lead security incident response activities
Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
Support security compliance & certifications programs (e.g., FedRAMP, NIST SP800-53, NIST CSF, SOC 2, ISO, FIPS 140-2, etc.) by becoming familiar with control requirements, owning/operating specific controls, and helping other teams meet requirements
Other duties as assigned
Required Qualifications
Bachelor’s degree or equivalent experience in computer science, engineering, or information technology
8+ years of experience in security engineering, application security and software development
Experience securing cloud-based web applications, APIs, data; performing security design reviews, code reviews and threat modeling exercises
Knowledge of software security vulnerabilities and best practices for Golang, Typescript, Javascript, Python, C/C++, React
Solid knowledge of Git
Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
Experience with AWS cloud platform
Must be a U.S. citizen
Preferred Qualifications
Obtained applicable certifications for software security, web application penetration testing or equivalent
Experience securing a cloud service (i.e., software as a service (SaaS)) offerings and shippable software products
Experience with meeting FedRAMP, NIST SP 800-53 and similar compliance requirements
Experience with Google Cloud Platform (GCP) and Azure
Experience deploying and maintaining systems using modern Orchestration and Infrastructure-as-Code technologies
The base salary for this position rages from 136,600 - 180,000 plus bonus + benefits
Note: employees, including fully remote staff, are expected to attend two in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each.
