Tech Stack
Google Cloud Platform, NoSQL, SQL
About the role
- Serve as the go-to domain expert for the vulnerability management program and lead triage and mitigation of vulnerabilities from HackerOne, Detectify, and GitHub Advanced Security
- Define and own the Product Security strategy, orchestrating security testing of new features with engineering teams
- Provide security SME consultation and guidance to internal teams and customers
- Proactively anticipate emerging security requirements and recommend policies, procedures, and controls
- Develop and lead secure software development training for Product and Engineering teams
- Contribute hands-on to on-call rotations, DLP, IAM, and SOC work
- Work directly with senior leadership to report on domain performance, communicate security metrics, and manage project planning and execution
Requirements
- 5+ years of experience as a security engineer, with a focus on defining and driving security initiatives within an engineering-centric organization
- Proven ability to provide technical leadership and mentor other engineers
- Extensive experience with the secure software development lifecycle and security best practices
- Ability to translate strategic ideas into mature projects using scripting, automation, and GenAI platforms (e.g., Gemini, ChatGPT, Claude)
- Deep knowledge of the Product Security domain and hands-on experience in other core security areas (on-call, DLP, IAM, SOC)
- Experience triaging and mitigating vulnerabilities from tools like HackerOne, Detectify, and GitHub Advanced Security
- History of driving security outcomes by collaborating with engineering, product, and senior leadership
- Bonus: Experience designing/implementing SASE, CASB, or RASP
- Bonus: Hands-on experience with application patch management, software supply chain security, or artifact repositories like JFrog and Snyk
- Bonus: Background at a SaaS company, experience with data analytics and the Google enterprise security stack (GCP and Google Workspace)
- Bonus: Experience with control frameworks including SOC 2 Type 2, ISO 27001, ISO 27701
- Bonus: Relevant professional certifications (e.g., CISSP, CCSP, OSCP) or an advanced degree in a related technical field