Product Security Engineer
About Fluence: Fluence Energy, Inc. (Nasdaq: FLNC) is a global market leader in energy storage products and services, and optimization software for renewables and storage. With a presence in over 47 markets globally, Fluence provides an ecosystem of offerings to drive the clean energy transition, including modular, scalable energy storage products, comprehensive service offerings, and the Fluence IQ Platform, which delivers AI-enabled SaaS products for managing and optimizing renewables and storage from any provider. Fluence is transforming the way we power our world by helping customers create more resilient and sustainable electric grids.
For more information, visit our website, or follow us on LinkedIn or Twitter. To stay up to date on the latest industry insights, sign up for Fluence's Full Potential Blog.
OUR CULTURE AND VALUES
We are guided by our passion to transform the way we power our world. Achieving our goals requires creativity, diversity of ideas and backgrounds, and building trust to effect change and move with speed.
We are Leading
Fluence currently has thousands of MW of energy storage projects operated or awarded worldwide in addition to the thousands of MW of projects managed by our trading platform—and we are growing every day.
We are Responsible
Fluence is defined by its unwavering commitment to safety, quality, and integrity.
We are Agile
We achieve our goals and meet our customer’s needs by cultivating curiosity, adaptability, and self-reflection in our teams.
We are Fun
We value the diversity in thought and experience of our coworkers and customers. Through honest, forthcoming, and respectful communications we work to ensure that Fluence is an inclusive and welcoming environment for all.
Job Description
We are seeking a highly skilled and motivated Product Security Engineer to join our dynamic security team. In this role, you will play a pivotal role in identifying, assessing, and mitigating security vulnerabilities within our applications. Additionally, you will lead the rollout of new security tools and technologies to enhance our organization's security posture. The ideal candidate will have a strong background in application security testing, penetration testing, vulnerability management, and security tooling, along with the ability to collaborate effectively with internal stakeholders and external security researchers. This role will report to our Head of Product Security.
Responsibilities
· Engage in security testing of collective Fluence Products to evaluate products are secure.
· Perform penetration testing on new and existing products and services to identify security risks and establish a baseline for security requirements.
· Coordinate security defects tracking capabilities and map remediation steps to mitigate vulnerabilities with stakeholders, product, and security champions.
· Collaborate with internal and external stakeholders, including security researchers, to enhance the organization's security posture and bug bounty program efficacy.
· Act as a technical representative for Product Security testing initiatives among product and shared service teams.
Requirements:
· 3+ years of experience as a penetration tester, ethical hacker, or bug hunter, with a deep understanding of security testing methodologies and techniques.
· 2+ years of experience with Static Application Security Testing, Dynamic Application Security Testing, Software Composition Analysis, and Vulnerability Management tools.
· Relevant cybersecurity certifications (e.g., OSCE, OSCP, CEH, GPEN, GCPN) preferred.
· Proven experience supporting and evolving security automation functions with scripting/automation/development in at least one of: Python, Perl, Go, JavaScript, C++.
Preferred Qualifications:
· Comprehensive knowledge of securing diverse platforms and technologies, including cloud services, Internet of Things (IoT), mobile applications, custom hardware, and custom applications operating at massive scale.
· Strong communication skills with the ability to effectively communicate technical information to both technical and non-technical audiences.
· Strong analytical and problem-solving skills, with a keen attention to detail and a drive for continuous improvement.
· Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of ownership and accountability.
· Active participation in cybersecurity forums/conferences, e.g., DEFCON, Black Hat
· Contributions to the security community: research papers, public CVEs, conference talks, open source, etc.
What you'll bring:
· You have proven experience supporting and evolving bug bounty and vulnerability disclosure programs.
· You are a well-versed penetration tester/ethical hacker/bug hunter.
· You are intimately familiar with securing a wide variety of platforms and technologies including cloud services, Internet of Things (IoT), mobile applications, custom hardware, and custom applications all operating at massive scale.
· You are a thought leader and mentor peers within the organization on security defects.
If you are passionate about application security, enjoy tackling complex security challenges, and thrive in a collaborative team environment, we want to hear from you! Apply now to join our team as a Product Security Engineer and help us build and maintain secure software solutions.
Fluence IS AN EQUAL OPPORTUNITY EMPLOYER and fully subscribes to the principles of Equal Employment Opportunity to ensure that all applicants and employees are considered for hire, promotion, and job status without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, marital or familial status.