Samsara

Senior Security Engineer – Threat Modeling

Samsara

full-time

Posted on:

Location Type: Remote

Location: CaliforniaNew YorkUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $157,675 - $238,500 per year

Job Level

Senior

Tech Stack

AWSPythonSDLC

About the role

  • Lead and own ongoing operation and maintenance of Samsara’s threat modeling program, ensuring consistent execution of processes
  • Assist in detecting, raising risks found within the Samsara ecosystem, and recommending best next steps while balancing business needs
  • Work closely with the Vulnerability Technical Program Manager to generate and distribute monthly and quarterly compliance reports
  • Collaborate with engineering teams to track and support the remediation of identified vulnerabilities, providing guidance on best practices
  • Participate in security incident investigations related to high-profile vulnerabilities, helping gather data and assess potential impact on Samsara infrastructure
  • Contribute to documentation and process improvements to streamline risk management workflows
  • Champion Samsara’s cultural principles in daily work
  • Be regularly on call to support

Requirements

  • 6+ years of relevant experience with demonstrated impact for application or product security and threat modeling in an enterprise environment
  • Deep familiarity with OWASP Top Ten, the STRIDE threat modeling framework (or equal such as PASTA or DREAD), MITRE ATT&CK
  • Defining and driving SDLC adoption with business focused engineers
  • Experience managing Bug Bounty programs such as Bug Crowd
  • Strong familiarity with common security vulnerabilities and the ability to judge their severity and impact on the business
  • Experience coding with Python or GoLang
  • Security certifications such as CISSP, AWS Certified Security Specialty, or equal
  • Experience and knowledge of FedRAMP and other regulatory security requirements
  • Experience with Semgrep or Wiz
Benefits
  • Competitive total compensation package
  • Employee-led remote and flexible working
  • Health benefits
  • Opportunities for rapid career development
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
threat modelingapplication securityproduct securitySDLC adoptioncoding with Pythoncoding with GoLangsecurity vulnerabilities assessmentBug Bounty managementSemgrepWiz
Soft Skills
leadershipcollaborationcommunicationrisk managementprocess improvementproblem-solvingdata analysiscultural principles advocacyguidance provisionon-call support
Certifications
CISSPAWS Certified Security Specialty