At ASAPP, we are on a mission to build transformative machine learning-powered products that push the boundaries of artificial intelligence and customer experience. We focus on solving complex, data-rich problems — the kind where there are huge systemic inefficiencies and where a real solution will have a significant economic impact. Our CX interaction platform uses machine learning across both voice and digital engagement channels to augment and automate human work, radically increasing productivity and improving the efficiency and effectiveness of customer experience teams.
ASAPP is seeking a full-time Product Security Engineer to test and enhance the security of our complex, distributed, cloud-native microservices products.
You will collaborate with fellow security engineers and the engineering organization at large, focusing on securing our applications using advanced cloud-native and custom solutions. Your primary goal will be to fortify our application security across the product lifecycle, ensuring robust protection for our innovative AI-driven solutions.
As a member of our growing security team, you will have oversight and responsibility for application security testing, threat modeling, and architecture. You will play a pivotal role in building and optimizing our cloud security infrastructure and implementing a variety of application detection and response tools. By leveraging ASAPP's people and technology, you will ensure maximum security and contribute actively to system design reviews, fostering a strong security culture throughout our organization.
What you'll do
- Embedded with Product Engineering, Product Managers, and Architects to ensure alignment and effective collaboration with a goal: Secure ASAPP products
- Gain domain expertise:
Deep understanding of ASAPP products portfolio and can represent them from security perspective
- Understand customer data flows and data protection requirements
- Ensure adherence to security best practices for custom software, open-source software (OSS), and APIs
- Ensure security across the entire SDLC process, including CI/CD tooling automation, container security, vulnerability management, design reviews, and penetration testing
- Threat modeling product design along with product engineering team
- Collaborate with key lines of business and engineering teams
- Act as a Security Champion
- Participate in the security incident detection and response process
What you'll need
- 5+ years of experience in securing applications on cloud-native environments and distributed systems, identifying and implementing security controls
- Background in offensive security,
security testing, and security architecture
- Deep understanding of cloud-based (AWS) infrastructure and security technologies
- Familiar with container ecosystems (Docker, K8s, Helm), and security best practices
- Proficient in at least one high-level programming language (Python, Golang)
- Experience designing and documenting security solutions architecture
- Strong interpersonal, verbal and writing communication skills as well as a strong sense of ownership and accountability
What we'd like to see
- B.S. in Computer Science or related field, or equivalent experience
- Experience with CI/CD tools such as GitLabCI, CircleCI among others
- Deep understanding of cloud-native solutions, concepts and good practices
- Familiar with encryption and secrets management technologies (HashiCorp Vault, AWS KMS, symmetric and asymmetric encryption)
Benefits
- Competitive compensation
- Stock options
- OSDE 410 for you and your family
- Wellness perks
- Learning & development stipend
- Mac equipment
- 3 weeks of vacation
- English lessons
ASAPP is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, or veteran status. If you have a disability and need assistance with our employment application process, please email us at ****** to obtain assistance.
#LI-VR1 #LI-Remote
#J-18808-Ljbffr
