Sr. Product Security Engineer
Who We Are:
KeepTruckin is on a mission to modernize the trucking industry. With the leading fleet management platform, we are bringing trucks online and fundamentally changing the way freight is moved on our roads.
We see our hard work rewarded in tangible ways every day and we believe that intelligence is most powerful when paired with humility. We’re motivated by the opportunity to impact and improve every facet of a trillion-dollar industry that touches everyone’s lives. KeepTruckin is proud to be a Forbes Cloud 100 company and a 2020 Career-Launching Company by Wealthfront.
About the Role:
KeepTruckin is looking for a passionate Sr. Product Security Engineer to join our Security Architecture & Engineering team. The team is responsible for security and privacy of all products and services offered by the company.
We are looking for people who want to partner with our peers to level up KT's security posture and reduce security risks stemming from products developed by KT and underlying platform. We are passionate about helping teams with security design and implementation, creating policies to guide our peers, and identifying and prioritizing KT’s security and privacy risks. Does that sound like you, or like someone you want to be? Cool. We would like for you to apply.
As a Product Security Engineer on the Security Architecture & Engineering Team, you will partner with KT teams to protect KT’s data, implement important security controls, and evaluate and remediate security risk. You'll help us launch our Secure Solutions Development Service. We do not expect you to be an expert in all of the team's responsibilities but we do expect you to be familiar with several of the team's responsibility areas, or well versed in one of them and interested in the other areas.
What You’ll Do:
- Develop design patterns, repeatable guidance, and where necessary, policy
- Recognize and adopt best practices in security engineering fields throughout the organization
- Consult with both product-focused and horizontal teams, both engineering and not
- Help teams to make the right security calls
- Perform architecture and data handling reviews
- Perform risk assessments and risk exceptions
- Develop and maintain security tooling such as SAST, DAST, OSS Scanners, IAM, Secrets Management etc
- Support and manage product security process activities including threat and attack tree modelling, security requirements definition with research team, and develop cyber test planning and penetration testing.
What We’re Looking For:
- Have 3+ years of experience with identifying and remediating OWASP Top 10 and other AppSec related issues
- Have 3+ years of experience in working with product teams creating security designs and providing security requirements
- Have 3+ years of hands on development experience in the programming languages from python, go, javascript
- Have understanding of cloud computing architectures and services; especially AWS
- Have 1+ years of experience working with Docker and Kubernetes based environments
- Strong collaboration skills working cross functionally with internal and external customers
Creating a diverse and inclusive workplace is one of KeepTruckin's core values. We are an equal opportunity employer and welcome people of different backgrounds, experiences, abilities and perspectives.
Please do not let an arrest or conviction record prevent you from applying for employment at KT. KT considers qualified applicants with arrest and conviction records.
Please review our Candidate Privacy Notice here.