Sr. Product Security Engineer (ML/AI/Big Data specialty)
Israel (Remote)
Incode
Incode offers the world's most advanced identity verification & authentication system. Power a world of trust with simple, secure & fast identity experiences.REIMAGINE TRUST
Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online to power a world of digital trust.
Through our revolutionary identity solutions, we are unleashing the business potential of universal industries including finance, government, retail, hospitality, gaming and more, by reducing fraud and transforming human interactions with data, products, and services.
We’re in the process of rapidly scaling our diverse global team and we’re looking for entrepreneurial individuals and leaders who are curious, driven, and excited by ownership to join a Unicorn-status scale-up!
The Opportunity
We seek a trustworthy and proactive Senior Product Security Engineer (ML/AI/Big Data specialty) to be the technical thought leader and driver of a paved road, holistic product security program. The Product Security Engineer works across various engineering groups in our organization to ensure that our products are as secure and privacy-protecting as our customers expect. We’re looking for someone who loves to solve big challenges in Product Security. These challenges include ensuring a secure software supply chain from idea to operation, providing software provenance, automating all the things in CI/CD, and building and breaking software to make it more secure.
To be successful as a Product Security Engineer, you should have hands-on experience securing the software supply chain and products of a SaaS and mobile-first company, enjoy partnering with fellow engineers, and be able to speak to the big picture of the SDLC and how to achieve a desired state in reasonable chunks. As an engineer, you should lead with a hacker mindset and be able to roll up your sleeves and design, architect, and threat model security critical solutions. Reporting to the Sr. Director of Information Security, you will be an early hire to the security team and will have the opportunity to influence and evolve our product security program.
Responsibilities
- Partner with engineering and product management teams to perform threat modeling, architecture & design, and code reviews. Assess security implications, requirements for the secure development of new systems, features, and technologies.
- Provide hands-on remediation guidance to development teams and design security architecture, features and controls that keeps our customers' data safe and preserves their privacy.
- Build a security paved road through automation and tooling (SAST, SCA, MAST, IaC, DAST, Fuzzing, etc.) into the SDLC and CI/CD integrations that enables our developers to easily produce secure software.
- Define, architect, build, improve and validate secure software supply chain and build provenance mechanisms.
- Manage, triage, and provide support to external researchers in our vulnerability disclosure and bug bounty programs.
- Provide proof of concept exploits, facilitate vulnerability remediation, and drive adherence to software security standards through policy as code.
- You'll help scale the engineering organization and mentor engineers on best practices in secure software design and architecture.
Qualifications:
- Deep expertise in at least one domain: web application and browser security, mobile application security, applied cryptography, machine learning and artificial intelligence security, offensive security, cloud security, hardware security.
- Experience in software engineering, infrastructure engineering, site reliability engineering, or offensive security for a SaaS product company.
- Experience with a variety of security tooling, to include: SAST, DAST, SCA, IaC Scanning, Image and Container Scanning, MAST, IAST, and offensive security and proxy tooling.
- Deep expertise with common application security flaws, security controls, and common security libraries and identifying security issues through code review, threat modeling, penetration testing, and other techniques manually and with tools.
- You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
- Extensive experience in SaaS product development and security space; securing complex interconnected web and mobile applications and their architectures using Python, Javascript, Swift, Java, C++, Kotlin, or any other modern language.
- You enjoy collaborating cross-functionally to accomplish shared goals, and you care about learning, growing, and helping others to do the same.
Preferred Experience and Certification:
- Have SaaS Startup experience in security-focused industries, such as fintech, security software and services, healthtech, and identity and access management.
- Experience with virtualization, containerization technology, orchestration, and cloud native security.
- Certifications in Security, Product Security and/or Offensive Security (eg. OSCP, OSWP, OSEP, OSWA, OSED, OSMR, OSWE, OSEE, GPEN, GWAPT, CEH, etc).
- Cloud Certifications, such as AWS Certified Solutions Architect, AWS Security Specialty
- Hands-on experience in offensive security, and CVEs to prove it.
8 Aspects of our Culture:
- Values are what we value
- High performance
- Freedom & responsibility
- Context, not control
- Highly aligned, loosely coupled
- Continuous Feedback
- Pay Top of Market
- Promotions & Development
- Learn more about Life at Incode!
Benefits & Perks:
- Meaningful Equity
- Flexible Working Hours & Workplace
- Open Vacation Policy
- Wellness Program
- International Travel Opportunities
- Additional benefit package according to location (401k, medical insurance, etc.)
Equal Opportunities:
Incode is an equal opportunity employer, committed to creating a diverse and inclusive work environment. We take great pride in having an inclusive, diverse, and global team and are always on the lookout for talented, passionate people from all backgrounds and walks of life.
Applicant Data Privacy:
We will only use your personal information in connection with Incode’s application, recruitment, and hiring processes.
* Salary range is an estimate based on our AI, ML, Data Science Salary Index 💰
Tags: Architecture AWS Big Data CI/CD Engineering Finance FinTech Java JavaScript Machine Learning Privacy Python SDLC Security Testing
Perks/benefits: Career development Equity Flex hours Flex vacation Startup environment
More jobs like this
Explore more AI, ML, Data Science career opportunities
Find even more open roles in Artificial Intelligence (AI), Machine Learning (ML), Natural Language Processing (NLP), Computer Vision (CV), Data Engineering, Data Analytics, Big Data, and Data Science in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Lead Data Analyst jobs
- Open Data Science Manager jobs
- Open MLOps Engineer jobs
- Open Data Engineer II jobs
- Open Senior Business Intelligence Analyst jobs
- Open Data Manager jobs
- Open Principal Data Engineer jobs
- Open Power BI Developer jobs
- Open Data Scientist II jobs
- Open Sr Data Engineer jobs
- Open Business Data Analyst jobs
- Open Junior Data Scientist jobs
- Open Data Analytics Engineer jobs
- Open Business Intelligence Developer jobs
- Open Product Data Analyst jobs
- Open Data Analyst Intern jobs
- Open Sr. Data Scientist jobs
- Open Senior Data Architect jobs
- Open Big Data Engineer jobs
- Open Manager, Data Engineering jobs
- Open Principal Data Scientist jobs
- Open Azure Data Engineer jobs
- Open Data Quality Analyst jobs
- Open Research Scientist jobs
- Open Data Product Manager jobs
- Open Data quality-related jobs
- Open GCP-related jobs
- Open Java-related jobs
- Open Business Intelligence-related jobs
- Open ML models-related jobs
- Open Data management-related jobs
- Open Privacy-related jobs
- Open PhD-related jobs
- Open Deep Learning-related jobs
- Open Finance-related jobs
- Open Data visualization-related jobs
- Open PyTorch-related jobs
- Open TensorFlow-related jobs
- Open APIs-related jobs
- Open NLP-related jobs
- Open Consulting-related jobs
- Open Snowflake-related jobs
- Open LLMs-related jobs
- Open Generative AI-related jobs
- Open CI/CD-related jobs
- Open Kubernetes-related jobs
- Open Hadoop-related jobs
- Open Data governance-related jobs
- Open Airflow-related jobs
- Open Databricks-related jobs