Staff Product Security Engineer
Instacart
CloudGoPythonRuby
Senior Security Engineer
ActivTrak
full-time
Posted on:
Location Type: Remote
Location: Remote • Texas • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
CloudGoogle Cloud PlatformSDLC
About the role
- Execute our comprehensive security program, including implementing policies, procedures, standards, and guidelines that align with industry standards and best practices.
- Work with cross-functional teams to implement security measures that align with business objectives.
- Conduct daily monitoring, triage, and escalation of GCP security alerts from various systems.
- Manage submissions from our Responsible Disclosure program.
- Deploy, maintain, and tune security technologies, tools, and systems to enhance the organization's security posture.
- Maintain situational awareness of emerging risks for our organization’s technology stack and escalate as needed.
- Conduct scheduled and on-demand security assessments for software solutions, vendors, tools, and business processes, including development of risk mitigation plans.
- Support the sales engineers by providing technical expertise on security requirements for potential and existing customers, including customer-facing sales calls.
- Help develop security presentations and training materials to support internal and customer security objectives.
- Perform scheduled and on-demand vulnerability scanning against networks and applications.
- Investigate, triage, and respond to security incidents, ensuring proper documentation and escalation.
- Leverage AI tools and large language models to enhance security operations, risk assessment and management, vulnerability analysis, and incident response workflows.
- Maintain awareness of AI-specific security considerations and develop mitigation plans as needed.
- Implement product security features and capabilities in collaboration with the product development team.
Requirements
- 5 years experience in information security, with hands-on experience in security operations and compliance frameworks such as SOC2.
- Ability to balance risk with business objectives when designing and implementing practical and effective security solutions.
- Strong communication skills with the ability to explain complex security concepts to various stakeholders.
- Experience with cloud security, specifically in Google Cloud Platform (GCP).
- Experience implementing and maintaining security tools and controls, including SDLC and GRC tools.
- Ability to clearly articulate how our security program addresses customer security requirements.
- Proven ability to evaluate and track risks through resolution using logic and deductive reasoning.
- Strong knowledge of security best practices and technologies, including access control, identity management, attack surface management, and incident response.
- Hands-on experience with tools for security monitoring, vulnerability scanning, and security testing, including use of AI features.
- Understanding of common security framework requirements including NIST and ISO and ability to map controls to compliance requirements.
- Proficiency with a scripting language for automating security operations.
- Relevant security certifications such as CISSP, GIAC/GSEC, GCP platform-specific security certifications, Security+, and/or SSCPs are preferred.
Benefits
- Competitive compensation and benefits
- Position is remote within US (Austin preferred)
- Minimal travel
- Limited physical demands
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
information securitysecurity operationscloud securityGoogle Cloud Platform (GCP)security toolsvulnerability scanningsecurity testingscripting languagerisk assessmentincident response
Soft skills
communication skillsrisk managementstakeholder engagementlogical reasoningdeductive reasoning
Certifications
CISSPGIAC/GSECGCP security certificationsSecurity+SSCP
