Lead and own ongoing operation and maintenance of Samsara’s threat modeling program, ensuring consistent execution of processes
Assist in detecting, raising risks found within the Samsara ecosystem, and recommending best next steps while balancing business needs
Work closely with the Vulnerability Technical Program Manager to generate and distribute monthly and quarterly compliance reports
Collaborate with engineering teams to track and support the remediation of identified vulnerabilities, providing guidance on best practices
Participate in security incident investigations related to high-profile vulnerabilities, helping gather data and assess potential impact on Samsara infrastructure
Contribute to documentation and process improvements to streamline risk management workflows
Champion Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) in daily work
Be regularly on call to support

Requirements

6+ years of relevant experience with demonstrated impact for application or product security and threat modeling in an enterprise environment
Deep familiarity with OWASP Top Ten, the STRIDE threat modeling framework (or equal such as PASTA or DREAD), MITRE ATT&CK
Defining and driving SDLC adoption with business focused engineers
Experience managing Bug Bounty programs such as Bug Crowd
Strong familiarity with common security vulnerabilities and the ability to judge their severity and impact on the business
Experience coding with Python or GoLang

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

threat modelingapplication securityproduct securitySDLCPythonGoLangOWASP Top TenSTRIDEMITRE ATT&CKBug Bounty

Soft Skills

risk managementcollaborationcommunicationprocess improvementcustomer focusteamworkinclusivitygrowth mindset