Description
We are looking for a Senior Security Engineer (Product) to join our Trust team at Headway. As an early member on the team, you'll have the unique opportunity to be the builder and driver of our dedicated, in-house product and application security engineering efforts. In this role, you will partner closely with our product and engineering teams to ensure that our application is designed and developed securely so that we can maintain and grow customers' trust in Headway.
Some of the key responsibilities of this role include:
- Partnering with Product and Engineering to ensure that our application is designed and developed securely
- Participating in the implementation efforts, doing security reviews, helping with product design decisions, auditing and surfacing vulnerabilities in our current products
- Developing and improving our automated tooling to scale our application security capabilities and find potential code problems both before and after we deploy
- Making the safe way, the easy way, by working on defining and building application guardrails so that developers can build securely by default
- Assisting in ongoing security operations, including incident response, vulnerability management, penetration testing, security reviews, and other operational tasks to ensure that our security program is operating at a world-class level
We use a variety of tools and technologies, including Cloud Security: Lacework, Languages: Python 3, TypeScript, Libraries: FastAPI, SQLAlchemy, React, Datastores: Postgres, Redis, Infrastructure: AWS (Fargate, ECS, S3, and more), Spark and Kafka, Monitoring: Datadog, PagerDuty, Version Control: Github, Vulnerability Management: Snyk, Semgrep
If you have 0 → 1 security experience, strong cross-functional experience, strong technical depth and breadth, thrive in ambiguity, innovation at scale, results-driven, and mission-driven, you'll be great for this role.