Senior Product Security Engineer

ForgeRock.com

Senior Product Security Engineer

Salary Not Specified

ForgeRock.com, City of Westminster

  • Full time
  • Permanent
  • Remote working

Posted 3 weeks ago, 10 Apr | Get your application in now before you miss out!

Closing date: Closing date not specified

job Ref: f30b2b99a9fe47a7b92f8e80aef10ddc

Full Job Description

Own multiple Security Engineering assignments working with Ping Identity products, processes and tooling
Provide technical leadership and mentor other Product Security Engineers
Assist in proposing, developing and improving Secure Software Development Lifecycle (SSDLC) practices alongside global, high-performance product engineering teams
Work with the product teams to perform architectural, security design/code reviews, vulnerability assessment and management
Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, building custom tools and automation, and exploit development.
Innovate in all aspects of automation of SSDLC tasks including use of Generative AI
Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product

4+ years of proficiency in a mix of Enterprise Application Security, API Security, Web Application Security, and Mobile Application Security
4+ years of developing commercial or open-source products (experience in Java or Javascript preferred) or equivalent experience
Exceptional problem-solving skills, curiosity about the inner workings of systems and showing attention to details and documentation
Excellent written and oral communication skills

You have an advantage if you have:
Experience with Linux environments, administration, security, internals
Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking)
Experience in securing machine learning or generative AI platforms
Experience with CI/CD cloud deployment in Amazon AWS, Azure or Google Cloud Platform
Security certifications such as CISSP, CSSLP, GIAC, OSCP Life at Ping:
We believe in and facilitate a flexible, collaborative work environment. Were growing quickly, but remain true to the innovative, can-do startup values that got us here. Most importantly, we keep hiring talented, smart, fun, and genuinely nice people because thats who we want to succeed with every day.
Here are just a few of the things that make Ping special

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. We call this digital freedom. And it's not just something we provide our customers. It's something that inspires our company. People don't come here to join a culture that's built on digital freedom. They come to cultivate it.
Our intelligent, cloud identity platform lets people shop, work, bank, and interact wherever and however they want. Without friction. Without fear.
While protecting digital identities is at the core of our technology, protecting individual identities is at the core of our culture. We champion every identity. One of our core values, Respect Diversity, reminds us to celebrate differences so you are empowered to bring your authentic self to work.
We're headquartered in Denver, Colorado and we have offices and employees around the globe. We serve the largest, most demanding enterprises worldwide, including more than half of the Fortune 100. At Ping Identity, we're changing the way people and businesses think about cybersecurity, digital experiences, and identity and access management. As a Senior Application Security Engineer working remotely from eastern US/Canada or remotely from the UK or in our Bristol, UK office where you will gain invaluable experience at a visionary identity security company. The position requires a passion for application security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment, excellent communications skills, and attention to latest security best practices.

A company culture that empowers you to do your best work.
Employee Resource Groups that create a sense of belonging for everyone.
Regular company and team bonding events.
Competitive benefits and perks.
Global volunteering and community initiatives

Our Benefits:

Generous PTO & Holiday Schedule
Parental Leave
Progressive Healthcare Options
Retirement Programs
Opportunity for Education Reimbursement
Commuter Offset (Specific locations)

Ping is the collective sum of all our individual experiences, backgrounds and influences and we pride ourselves in growing and learning together. We are committed to building an inclusive and diverse environment where everyones individuality is respected and everyone has an Identity. In recruiting for new colleagues, we welcome the unique contributions you can bring and encourage you to be your best self.
We are an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.