ExtraHop
Senior Product Security Engineer with experience in modern software development practices and securing web applications, APIs, and software systems.
Postscript
Architect scalable backend systems using Go and Python at Postscript's Flow Builder team, leading API development and mentoring engineers in a fast-growing environment.
Phantom
Full-stack engineer at Phantom developing APIs and user interfaces for a self-custodial wallet with a focus on security, innovation, and user experience.
Buynomics
Senior Full Stack Software Engineer for SaaS platform with ReactJS, TypeScript, NodeJS, and NestJS expertise
Orum
Senior Full Stack Software Engineer at Orum - $165k-$190k/year
Orum
Senior Full Stack Software Engineer at Orum: drive impactful user experiences with real-time high-volume processes
Aleph
Join Aleph as an AI-focused Software Engineer to integrate cutting-edge AI technologies into our FP&A platform, working with LLMs and generative models to drive innovation in financial planning tools.
Canonical
Senior Software Engineer for Juju engine behind model-driven operations, driving process improvement and collaboration with distributed team.
LI.FI
Senior Backend Engineer at LI.FI: Design & develop scalable backend systems, collaborate with cross-functional teams, and contribute to a fairer, more decentralized world.
CloudWalk
Join CloudWalk, a fintech pioneer using AI to transform payments, and collaborate with a diverse team to build innovative solutions.
Podium
Join Podium's Payments team as a Full Stack Software Engineer to drive payments innovation for small businesses in the US. Build intelligent solutions, collaborate with cross-functional teams, and enjoy remote-first work, generous benefits, and career growth.
Grafana Labs
Senior Backend Software Engineer for Grafana Cloud, remote-first company, UK, Germany, Spain, Sweden
Grafana Labs
Senior Backend Software Engineer for Grafana Cloud
Grafana Labs
Senior Backend Software Engineer for Grafana Cloud, remote-first company with Go-based tech stack
OpenX
Join OpenX as a Software Engineer (Python) and contribute to the development of high-performance systems and innovative ad technologies.
Degreed
Senior Backend Engineer at Degreed: Design scalable services, solve complex problems, and shape strategic initiatives for a forward-thinking organization.
Binance
Senior DevOps Engineer at Binance: Design cloud-based micro-service infrastructure, automate operational activities, and provide on-call support.
Axios
Join Axios as a Senior Associate, Client Partnerships to build revenue through strategic client partnerships. Manage relationships, network with partners, and expand the company's footprint while enjoying comprehensive benefits including health insurance, mental health support, and learning stipends.
Goodnotes
Senior Full Stack Engineer for cross-platform digital paper solution using React/Redux, TypeScript, Node.js, and AWS
Eventbrite, Inc.
Senior Product Manager - Marketing Tech at Eventbrite
ExtraHop
ExtraHop is seeking a Senior Product Security Engineer with experience in modern software development practices to build and operate product security program capabilities, tools, and processes. The ideal candidate will have a mix of software development and application security experience, enjoy working in a collaborative environment, and be familiar with securing web applications, APIs, and software systems. Key responsibilities include defining standards for secure development, performing threat modeling, and implementing vulnerability scanning tools. The position requires 8+ years of experience in security engineering, application security, and software development, as well as knowledge of cloud-based technologies such as AWS and container environments like Kubernetes and Docker. ExtraHop offers a competitive salary range of $136,600 - $180,000 per year, plus bonus and benefits.
Position Summary
Do you enjoy the challenge of securing complex systems? Want to be a part of a collaborative team that builds solutions that protect some of the biggest networks in the world? ExtraHop is seeking a Senior Product Security Engineer, experienced with modern software development practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success.
We're looking for candidates with a mix of software development and application security experience, who enjoy working in a collaborative environment and taking direct action to identify, remediate and prevent vulnerabilities and security issues.
You must have experience with securing web applications, APIs and software systems, working with public cloud infrastructure, and be familiar with container technologies.
Key Responsibilities
Define standards for secure development and configuration of application and infrastructure components; and coordinate with other teams to ensure compliance with those standards
Perform threat modeling, security design reviews, code reviews, and security consultations with software and systems engineers
Implement, manage and improve vulnerability scanning tools (including SAST, DAST, SCA, and application fuzzing), configuration auditing and other security assessment tools
Build and improve vulnerability management processes and tooling to support system owners to successfully
Conduct manual pen testing of new features + existing systems; lead red team exercises
Coordinate third party pentesting and bug bounty programs
Triage vulnerability findings, evaluate risk, recommend effective remediation actions
Develop and deliver training on secure development standards and process
Contribute to disaster recovery and contingency planning
Perform and/or lead security incident response activities
Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
Support security compliance & certifications programs (e.g., FedRAMP, NIST SP800-53, NIST CSF, SOC 2, ISO, FIPS 140-2, etc.) by becoming familiar with control requirements, owning/operating specific controls, and helping other teams meet requirements
Other duties as assigned
Required Qualifications
Bachelor’s degree or equivalent experience in computer science, engineering, or information technology
8+ years of experience in security engineering, application security and software development
Experience securing cloud-based web applications, APIs, data; performing security design reviews, code reviews and threat modeling exercises
Knowledge of software security vulnerabilities and best practices for Golang, Typescript, Javascript, Python, C/C++, React
Solid knowledge of Git
Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
Experience with AWS cloud platform
Must be a U.S. citizen
Preferred Qualifications
Obtained applicable certifications for software security, web application penetration testing or equivalent
Experience securing a cloud service (i.e., software as a service (SaaS)) offerings and shippable software products
Experience with meeting FedRAMP, NIST SP 800-53 and similar compliance requirements
Experience with Google Cloud Platform (GCP) and Azure
Experience deploying and maintaining systems using modern Orchestration and Infrastructure-as-Code technologies
The base salary for this position rages from 136,600 - 180,000 plus bonus + benefits
Note: employees, including fully remote staff, are expected to attend two in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each.
