Remote Senior Security Engineer

Logo of Oyster

Oyster

πŸ“Remote - Worldwide

Job highlights

Summary

Join Oyster's global employment platform as a Senior Security Engineer, working remotely with a fully-distributed team. Embed security in the Software Development Lifecycle (SDLC), conduct security assessments, and collaborate with cross-functional teams to enhance security posture.

Requirements

  • 5+ years of experience in application security, with a strong focus on SaaS environments
  • Strong knowledge of security assessments, audits, and best practices for SaaS applications
  • Experience in configuring and managing security controls and access management within a SaaS-centric environment
  • Proficiency in using security testing tools such as SAST, DAST, and SCA
  • Experience integrating security tools into CI/CD pipelines and automating security processes
  • Familiarity with data protection regulations (e.g., GDPR, CCPA) and their implications for application security
  • Understanding of identity and access management
  • Strong problem-solving skills and the ability to communicate complex security concepts to technical and non-technical audiences

Responsibilities

  • Embed Security in SDLC: Collaborate with development teams to integrate security practices into the Software Development Lifecycle (SDLC)
  • Conduct security assessments, code reviews, and threat modeling exercises to identify and mitigate security risks
  • Provide guidance on secure coding practices and remediation strategies
  • SaaS Application Security: Conduct security assessments and audits of both in-house and third-party SaaS applications
  • Ensure proper security controls and access management are implemented for SaaS tools
  • Stay updated on emerging threats and vulnerabilities specific to SaaS environments and address potential risks proactively
  • Security Tools and Automation: Implement and manage security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA)
  • Integrate security tools into CI/CD pipelines for continuous security testing
  • Monitor and analyze security tools' outputs to identify and address potential security risks
  • Collaboration and Compliance: Work with the Data Protection/Privacy Team to ensure applications comply with relevant data protection regulations (e.g., GDPR, CCPA)
  • Collaborate with the IT Team to ensure secure infrastructure configurations for hosting and deploying applications
  • Partner with the Product Team to incorporate security requirements into product features from the design phase
  • Training and Awareness: Develop and deliver security training and awareness programs for developers and relevant stakeholders
  • Promote a culture of security awareness and best practices throughout the organization

Benefits

  • Paid time off: 40 days off each year, including public/bank holidays and vacation/holiday leave (unless your country mandates more)
  • Mental health support: Access to Plumm, a mental well-being service
  • Wellbeing allowance: A monthly stipend for wellbeing expenses, topped up by Oyster in your ThanksBen wallet
  • Flexible parental leave: A minimum of three months of paid parental leave and job protection for 12 months (or longer if required by local jurisdiction)
  • WFH stipend: A stipend to spend on your laptop and any other equipment you need for your home office

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.
Please let Oyster know you found this job on JobsCollider. Thanks! πŸ™