Product Security Engineer

Sinch is looking for a product security engineer to ensure we are building the most secure products possible. We are looking for someone who has experience with software development and would like to take the next step and specialize in application security. You will be learning to use application security testing tools and will be working closely with team members across engineering and product to help shift security to the left.

The essence of the role

• Working with software engineering teams to ensure standard methodologies are followed in constructing application code.
• Creating application threat models and validating that the appropriate security controls are properly implemented.
• Monitor application security scanning systems output to help identify and remediate issues in applications.
• Planning and coordinating Application Development Security training including advising and training development teams on secure coding practices.
• Explain the nature of software vulnerabilities and options to remediate those vulnerabilities.
• Occasionally work directly with customers.

In order to contribute in this role you have:

• 5+ years' experience constructing web application software with modern software languages such as Java, C#, Python, and Javascript.
• 3+ years' experience in an application security role.
• Experience building application threat models, threat assessments, and providing compensating security controls for those threats.
• Experience in working with RDBMS such as MySQL, MS SQL Server, DB2, Oracle and PostgreSQL.
• Excellent understanding of the OWASP Top 10 web application security risks.
• Excellent communication, innovation, critical thinking, problem-solving, planning, prioritization, project management, collaboration and organization skills.
• Conflict management and resolution skills.
• Solid experience with techniques, standards and methods for authentication and authorization, applied cryptography, security vulnerabilities and remediation.
• Knowledge of Source Code Management systems such as Github or Gitlab.
• Occasional experience working directly with customers.

Big plus!

• 4+ years' experience using SAST/DAST/SCA application security tooling.
• Experience in the telecommunications industry.
• Experience performing application security assessments using Pro and other application security testing tools.
• Experience with public clouds such as AWS, GCP, and Azure and cloud security frameworks such as AWS Well-Architected.

Being you at Sinch:

• We're a worldwide group of people, committed to diversity. We're working to offer an increasingly inclusive workplace wherever you are. No matter who you are, you'll be able to explore new career and growth options - sharing your voice, building your path and making it happen with us.
• We’re proud to be an equal opportunity employer, and all qualified applicants will be considered to join our team regardless of race, colour, religion, gender identity or expression, sexual orientation, pregnancy, disability, age, veteran status, and more.

Your life at Sinch:

• Being a Sincher is all about learning and being in pursuit of new challenges. Working in the offices, at home, or in a hybrid model, that means celebrating change and the unknown, rolling up your sleeves and seeing what impact you can have on the world. The only way is up, and you’ll be reaching for the opportunities that match where you want to take your career. It’s closer than you think.
• It’s time to chase the answers, chase the challenges and chase the dream.

 Are you ready? Join us on our journey!