25 days ago
Base Salary
$113k - $252k/yr
Responsibilities
- Act as the tech lead for high-priority product security initiatives.
- Advise on the overall strategy and roadmap of the Product Security Program.
- Participate in expanding the Navan S-SDLC program.
- Review product designs for security defects and perform threat modeling.
- Work with engineers to recommend security-compliant design solutions.
- Design and develop security tools and processes for development teams.
- Automate security processes and integrate them into CI pipelines.
- Assist in developing custom Security as Code solutions.
- Provide training and guidance to development teams early in the SSDLC.
- Cultivate security ownership within product teams.
- Highlight product/application vulnerabilities for prioritization and remediation.
- Help build the Red Team and PSIRT functions.
Requirements
- Proven experience in threat modeling and architecture reviews for complex applications.
- Experience delivering critical organization-wide product security initiatives.
- Experience in application, cloud, and mobile penetration testing in high-risk environments.
- 6-8 years of experience in Technical Product Security related to SSDLC tooling and automation.
- Ability to execute in multifaceted and highly technical organizations.
- Ability to provide pragmatic security advice for web, mobile, and cloud applications.
- Experience in Agile development and familiarity with cloud environments like AWS.
- Knowledge of application security testing tools and infrastructure as code.
- Deep understanding of application and network protocols, cryptographic methods, and security threats.
- Knowledge of secure SaaS architecture in a containerized microservices environment.
Tech Stack
Angular, AWS, CSS, Docker, Git, GitHub Actions, JavaScript, Jenkins, Kubernetes, Terraform