Senior Product Security Engineer
StubHub
about 1 month ago
Los Angeles, CA, USA
Senior
H1B Sponsor
Base Salary
$200k - $250k/yr
Responsibilities
- Conduct security assessments, code reviews, and penetration tests on web applications, APIs, and mobile apps.
- Collaborate with development teams to embed security into CI/CD pipelines.
- Develop and maintain secure coding guidelines and conduct security awareness training.
- Respond to security incidents and perform root cause analyses.
- Stay current on emerging security threats and share insights across teams.
- Help develop and enforce application security policies and procedures.
- Conduct architectural reviews to ensure security of new technologies.
- Build and maintain product vulnerability management processes.
- Write and maintain production-grade APIs to automate security processes.
- Triage and respond to findings from the enterprise Bug Bounty program.
Requirements
- Expert-level understanding of offensive web application security testing.
- Expert-level skills in vulnerability assessments and code reviews.
- Extensive experience with automated security testing tools.
- Strong communication skills to convey complex security concepts.
- Hands-on experience in applied cryptography and key management.
- Proven ability to implement SAST, DAST, and SBOM tooling.
- Experience in performing structured threat modeling.
- Intermediate proficiency in at least one scripting language.
- Familiarity with security frameworks such as PCI DSS and NIST CSF.
Benefits
- Accelerated growth environment for skill enhancement.
- Competitive base, equity, and performance-based compensation.
- Unlimited Flex Time Off for better work-life balance.
- Comprehensive benefits package including health, vision, and dental insurance.
Tech Stack
AWSAzureC#JavaKubernetesPythonRuby
Categories
Security