SailPoint

SailPoint is the leader in identity security for the modern enterprise.

Remote

Hybrid

View Profile

Jobs//Cybersecurity + IT//

Staff Product Security Engineer

Sorry, this job was removed at 5:20 a.m. (CST) on Sunday, January 30, 2022

View 143 Jobs

Find out who's hiring in Austin.

See all Cybersecurity + IT jobs in Austin

View 143 Jobs

Apply

By clicking Apply Now you agree to share your profile information with the hiring company.

Save job

SailPoint is seeking a Staff Product Security Engineer as part of execution for an industry-leading Product Security program. As a provider of both SaaS and enterprise software for some the world's most prestigious organizations, SailPoint strives for best-in-class security for its product offerings. This critical role will be responsible for performing highly technical hands-on work related to Product Security as well as be a key player in designing the overall strategy of the Product Security Program at SailPoint.
The ideal candidate will be highly collaborative and customer service oriented; balancing the right level of security with business objectives and working to creatively solve complex Product Security related problems.
This is a challenging and impactful role with security responsibilities that all product offerings and can be REMOTE or based in Austin, TX.
Responsibilities:

Configure, maintain, and tune all pipeline and traditional product and application security technologies.
Continuously reduce false positives through calculated and repeatable suppressions to ensure utilization and adoption of the technology(s).
Participate in expanding/maturing the SailPoint S-SDLC program
Responsible for proactive scanning/auditing in early phases of the SSDLC as well as reactive scanning/auditing in later phases of the SSDLC, triage and comms to DEV teams .
Participate in expanding/maturing the SailPoint S-SDLC program
Assists tech leads and developers with technical approach for remediation.
Support automation and tooling of security technologies to be leveraged by development teams.
Assist in developing custom software quality tests and Security as Code solutions.
Review designs for security defects, perform threat modelling and identify remediation solutions.
Provide training, guidance, and assistance to development teams early in the SSDLC.
Cultivate security ownership in the product teams.
Communicate new security services to product teams and assist with security integration, requirement gathering, and troubleshooting failures.
Manage product/application vulnerabilities in a consistent manner to prioritize, advise, monitor, and validate remediation.
Produce metrics based on product findings and vulnerabilities, to include customer facing true positives and SLAs/KPIs.
Provide input to security risk impact assessment .
Work closely with engineering to sustain processes and/or convert manual integrations to automated pipeline activities.
Be a key advisor to the overall strategy and roadmap of the Product Security Program.
Be a part of the Product Security Incident Response Team (PSIRT) at SailPoint.

Requirements:

Bachelor's degree with 12+ years of experience/Master's degree with 8+ years of experience in IT Security
6-8 years of Technical Product Security related experience around SSDLC tooling, automation, remediation advisory, security testing, threat modeling/attack surface analysis.
US Citizenship is required due to the nature of the role
Proven track record of solving complex Product Security issues and protecting products using a risk-based approach.
Extensive knowledge of the current Product Security threat landscape and industry best practices.
Knowledge of compliance/certification frameworks such as ISO27001, SOC2, FedRAMP, SOX, GDPR from a Product Security standpoint is a plus.
Experience working in Agile development with experience in the following technologies:
- Containers (Docker, Kubernetes, or similar)
- Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
- Continuous integration (Jenkins, Bamboo, Hudson, or similar.)
- Integration of Security testing tools into pipeline
- Defect tracking (Jira, Bugzilla, ServiceNow, or similar.)
- Source code management (GitLab, GitHub, BitBucket, or similar.)
- QA Testing tools (nUnit, jUnit, Selenium, Cucumber, or similar.)
- Application security testing tools (SAST, DAST, IAST, SCA, or similar.)
- Various *nix distributions
- Cloud environment (AWS, Azure, or similar)
Ability to innovate and find creative solutions that balance the needs of the business with the needs of security.
Minimal travel (
Certification such as OSCP, GSEC, GPEN, CISSP, CSSLP

SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Apply Now

By clicking Apply Now you agree to share your profile information with the hiring company.

Save job

Email For Later

loading ...

Emailed

By clicking Apply Now you agree to share your profile information with the hiring company.

Laurie Evans

SVP, Digital Sales

A FOCUS ON BELONGING

Building the foundation for success

“It’s important to build the right leadership team to motivate and inspire an organization of sellers,” Laurie Evans said. Evans leads the digital sales organization of more than 120 team members who assist customers throughout the buying journey. To cultivate an environment where everyone can be successful, she prioritizes building a diverse, equitable and inclusive culture. “One of the first things I championed was a culture committee. This cross-sectional team coordinates awards, recognitions and fun events to ensure every person feels a sense of belonging, excitement and celebration.”

I find the greatest honor in leading everyone to success and helping build careers.

Loren Veyrheden

Manager, Engineering

TAKING THE LEAD

Everyone has opportunities to grow

Loren Veyrheden mentors each of her engineering team members to help guide their professional development. She explained that understanding their goals “allows me to be creative in how I come up with opportunities for people.” Her team is always connected and ready to jump in when a peer needs help. And to make sure everyone has the opportunity to grow their leadership skills, Veyrheden said team members “take turns leading our Agile ceremony meetings to practice communication skills, facilitating meetings, driving decisions and leading through ambiguity.”

Everyone is extremely supportive and ready to try new things that might improve how we work.

Ross Shwarts

Manager, Professional Services

CONNECTING ACROSS TEAMS

Sharing our personal and professional selves

Understanding the importance of connections, Ross Shwarts sets up weekly one-to-ones with his direct reports. “Sometimes we talk about work; sometimes we talk about ridiculous things our kids do. This time together helps me understand what is important to them personally and professionally.” To ensure his team members feel valued and heard, they regularly spend time as a group to work through problems. And when an occasional project requires long hours to complete, it doesn’t go unnoticed. “My boss will help me close out the project, then tell me to take some time to go do something fun.”

SailPoint has always enabled me to work flexible hours during weeks when I need to watch my kids or deal with things like a snowpocalypse.

What are SailPoint Perks + Benefits

SailPoint Benefits Overview

Experience a Small-company Atmosphere with Big-company Benefits

Culture

Volunteer in local community

Our crew members value working for an organization that prioritizes giving back to the community, and we have engaged in many community initiatives over the past year.

Partners with nonprofits

In the past year alone we have supported many notable organizations, including Code2College, nonPareil, Black Girls Code, Foundation Communities, and HealthCode.

Open door policy

OKR operational model

Team based strategic planning

Open office floor plan

Flexible work schedule

SailPoint's hybrid work environment reinforces the flexibility that has existed within our culture for many years.

Remote work program

As an organization that values impact over activity, we encourage crew members to manage their work schedules so they can be at their most effective within parameters established by their teams.

Diversity

Documented equal pay policy

Mean gender pay gap below 10%

Diversity employee resource groups

Slack is how we come together as a global team, and we have offer several Employee Resource Group channels where we celebrate our differences and encourage sharing and connection.

Hiring practices that promote diversity

We prioritize hiring practices that promote diversity. This year, for example, we launched SAIL-U to help grow our team in partnership with HBCUs and historically LatinX colleges and universities.

Health Insurance & Wellness Benefits

Flexible Spending Account (FSA)

Disability insurance

Dental insurance

Vision insurance

Health insurance

Life insurance

Financial & Retirement

401(K)

401(K) matching

Employee stock purchase plan

Performance bonus

Child Care & Parental Leave Benefits

Generous parental leave

SailPoint offers generous parental leave with the primary caregiver being able to take 80 fully-paid business days. Secondary caregivers can take 20 fully-paid business days.

Family medical leave

Company sponsored family events

SailPoint's crew love to celebrate together, whether at a family-friendly summer BBQ or Halloween party, or while volunteering and giving back to our local communities.

Vacation & Time Off Benefits

Unlimited vacation policy

Paid holidays

Office Perks

Company-sponsored outings

When possible, SailPoint brings crew together for summer camps, quarterly meetings and other team-based events.

Free snacks and drinks

Some meals provided

Company-sponsored happy hours

Onsite office parking

Recreational clubs

Home-office stipend for remote employees