Senior Software Engineer - Product Security

Summary

Join PointClickCare as a Senior Software Engineer and proactively build systems to mitigate product security issues. Collaborate with product teams to detect potential production problems. This multifaceted role involves engineering solutions, guiding best practices, performing reviews, conducting investigations, creating detection rules, monitoring alerts, and collaborating with security teams. The ideal candidate possesses a strong technical background in software engineering and cybersecurity, excellent analytical skills, and a proactive approach to threat detection and response. You will develop and maintain custom scripts and tools, analyze security data, work with other cybersecurity professionals, stay updated on cyber threats, advise product teams, create detection rules, and participate in incident response. This position offers a competitive salary and a comprehensive benefits package.

Requirements

• Education: Bachelor’s degree in Computer Science or a related field. Certifications are not required however being a Certified Ethical Hacker is a plus
• Experience: Minimum of 10-15 years of experience in software engineering
• Technical Skills: Expert level understanding of software engineering skills with Java, C#, or other OOO languages with focus on app security best practices. Proficiency in using security tools and technologies such as SIEM, IDS/IPS, EDR, network analysis tools, and OWASP Top 10 knowledge is desirable but not required. Strong scripting skills (e.g., Python, PowerShell) are also highly desirable
• Security Skills: Appreciation and eagerness to learn about account security, app security, threat hunting, security detection, incident response, or related areas
• Analytical Skills: Excellent analytical and problem-solving skills, with the ability to think critically and creatively to identify and mitigate threats
• Communication: Strong written and verbal communication skills, with the ability to convey complex technical information to both technical and non-technical stakeholders
• Team Player: Ability to work effectively both independently and as part of a team in a fast-paced, dynamic environment

Responsibilities

• System Development & Management: Solution, develop, and maintain custom scripts, tools, and techniques to enhance threat detection and response capabilities. Manage and optimize security detection tools and platforms
• Data Analysis: Analyze security data from various sources, including logs, SIEM(s), network traffic, and endpoint data, to identify patterns, trends and anomalies indicative of potential threats
• Collaboration: Work closely with other cyber security professionals, product teams, and external partners to share threat intelligence and improve overall security posture
• Continuous Improvement: Stay up-to-date with the latest cyber threats, trends, and technologies to continuously improve threat hunting and detection methodologies and tools
• Product Advisement: "Shift-left" to work with existing product teams to identify, remediate, and fix new or existing product deficiencies
• Detection Rule Development and Stewardship: Create and maintain detection rules and signatures for various security tools (e.g., SIEM, IDS/IPS) to identify potential threats and anomalies
• Incident Response: Collaborate with the incident response team to analyze and respond to security incidents, ensuring timely and effective mitigation
• Threat Intelligence: Integrate threat intelligence feeds and data into detection mechanisms to improve the accuracy and relevance of alerts
• Reporting: Understand the nature of threats, potential impact, response actions taken, and recommended mitigation strategies

Benefits

• Retirement Plan Matching
• Flexible Paid Time Off
• Wellness Support Programs and Resources
• Parental & Caregiver Leaves
• Fertility & Adoption Support
• Continuous Development Support Program
• Employee Assistance Program
• Allyship and Inclusion Communities