Product Security Engineer II
Toast
Summary
Join Toast's Product Security team and become a vital member of the kitchen crew, ensuring the security of our restaurant platform. You will identify and remediate application vulnerabilities, improve developer tooling, assist incident response teams, and collaborate with developers to bake security into our products. This role requires a strong grasp of web vulnerabilities, proficiency in at least one programming language, experience with security tools, and excellent communication skills. We offer competitive compensation and benefits, including a base salary range of $104,000-$166,000, cash compensation, equity, and a comprehensive benefits package. We are committed to creating an accessible and inclusive hiring process. Apply today and help us craft a recipe for digital trust!
Requirements
- Strong grasp of common web vulnerabilities and how to mitigate them
- Proficiency in at least one programming language (Kotlin, Java, Python, Go, C#, etc.)
- Experience with security tools like static/dynamic analysis scanners and web proxies
- Solid understanding of cloud application architecture, network security, and secure coding practices
- Excellent communication skills - you can explain complex security concepts to both technical and non-technical audiences
Responsibilities
- Identify, triage, and provide remediation guidance for application vulnerabilities
- Improve developer tooling and adoption to build a more robust SSDLC
- Assist incident response teams with application security expertise and tools
- Think like an attacker to identify weaknesses in application architecture
- Collaborate with developers, using a #OneTeam approach to bake security into our products
- Research emerging security trends and technologies, keeping our defenses cutting-edge
- Contribute to Toast's Security Community of Practice
Preferred Qualifications
- A relevant security certification (CISSP, CEH, GWAPT, OSCP)
- Experience with web application firewalls, cloud and container security technologies, and/or SSDLC tooling (e.g. SAST/DAST/SCA)
- Experience with mobile apps/threats (iOS, Android)
- Experience with securing financial technologies
Benefits
- Competitive compensation and benefits programs
- Base salary range of $104,000 - $166,000 USD
- Cash compensation (overtime, bonus/commissions if eligible)
- Equity