Product Security Engineer II

Greenlight is seeking a Product Security Engineer II to join their growing security team. The role will involve ensuring the security of products across the entire software development lifecycle (SDLC) and providing support on different security initiatives.

Requirements

• 5+ years of experience finding security vulnerabilities, security code reviews and knowledge of secure code development for the technology stack at Greenlight
• 2-4 years experience with the threat modeling process and ability to find design problems based on technical architecture and data flow diagrams
• Experience with exploiting common security vulnerabilities
• Deep technical knowledge of web and mobile application security, common vulnerabilities, secure coding practices, common exploit mitigations and secure architecture patterns
• Experience integrating or building AI-powered tools to assist with vulnerability detection, code review or threat modeling
• Experience creating software that enables security processes especially those leveraging AI/ML for automation or augmentation
• End to end experience on implementing and managing tools for Product Security (i.e. API Security, Mobile Protection, SAST, runtime scanning, etc.)
• Experience with software development and automation that enables security processes. Deep technical knowledge of CI/CD pipelines and relevant tools for web and mobile applications
• Hands-on experience with security tools for SAST, DAST, IAST, and penetration testing. Fuzzing skills are good to have
• Skilled in scripting, automation and exploit writing
• Strong understanding of cloud security principles in AWS environments
• Strong communication skills with the ability to articulate complex security concepts to both technical and non-technical audiences
• Strong product sense for rapid iteration and refinement based on data, combined with a collaborative mindset to work closely with engineers, product managers, and security analysts in a fast-paced environment