Product Security Engineer

About SailPoint:

SailPoint is the leader in identity security for the cloud enterprise. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, ensuring workers have the right access to do their job – no more, no less.

About the role:

SailPoint is seeking a Product Security Engineer as part of the execution for an industry-leading Product Security program. As a SaaS and enterprise software provider for some of the world’s most prestigious organizations, SailPoint strives for best-in-class security for its product offerings. This critical role will be responsible for performing highly technical hands-on work related to Product Security as well as be a key player in designing the overall strategy of the Product Security Program at SailPoint.
The ideal candidate will be highly collaborative and customer service oriented; balancing the right level of security with business objectives and working to solve complex Product Security related problems creatively.

Responsibilities 

• Participate in expanding/maturing the SailPoint S-SDLC program.
• Responsible for proactive scanning/auditing in the early phases of the SSDLC as well as reactive scanning/auditing in later phases of the SSDLC, triage and comms to DEV teams.
• Configure, maintain and tune all pipeline and traditional product and application security technologies.
• Continuously reduce false positives through calculated and repeatable suppressions to ensure utilization and adoption of the technology(s).
• Assists tech leads and developers with a technical approach for remediation.
• Support automation and tooling of security technologies to be leveraged by development teams.
• Assist in developing custom software quality tests and Security as Code solutions.
• Review designs for security defects, perform threat modeling and identify remediation solutions.
• Provide training, guidance, and assistance to development teams early in the SSDLC.
• Cultivate security ownership in the product teams.
• Communicate new security services to product teams and assist with security integration, requirement gathering, and troubleshooting failures.
• Manage product/application vulnerabilities in a consistent manner to prioritize, advise, monitor, and validate remediation.
• Provide input to security risk impact assessment​.
• Work closely with engineering to sustain processes and/or convert manual integrations to automated pipeline activities.
• Be a part of the Product Security Incident Response Team (PSIRT) at SailPoint.

Requirements 

• 3-5 years of Technical Product Security related experience around SSDLC tooling, automation, remediation advisory, security testing, threat modeling/attack surface analysis.
• Proven track record of solving complex Product Security issues and protecting products using a risk-based approach.
• Extensive knowledge of the current Product Security threat landscape and industry best practices.
• Experience working in Agile development with experience in technologies such as:
  • Containers (Docker, Kubernetes, or similar)
  • Integration of Security testing tools into the pipeline
  • Defect tracking (Jira, ServiceNow, or similar.)
  • Source code management (GitLab, GitHub, BitBucket, or similar.)
  • Application security testing tools (SAST, DAST, IAST, SCA, or similar.)
• Ability to innovate and find creative solutions that balance the needs of the business with the needs of security.
• As needed, provide on-call support on, and not limited to, after hours and weekends such as in the event of unscheduled incident response efforts

What success looks like in the role

Within the first 30 days you will:

• Get familiar with the product architecture, security policies, and ongoing projects; build relationships with engineering and security teams.

By 90 days:

• Start implementing security initiatives, identify potential vulnerabilities, and contribute to uplift maturing of security program.

By 6 months:

• Lead security initiatives, drive remediation efforts, and establish best practices to strengthen the product’s security posture
• Collaborates with Security Leadership to quick resolution of escalation.

About SailPoint India and our Benefits:

Nestled in the heart of Pune, a bustling hub of technology and culture, the office exemplifies SailPoint's commitment to excellence. Surrounded by a vibrant atmosphere, the Pune office serves as a strategic center for the company, where cutting-edge solutions are crafted and implemented to address the ever-evolving challenges in identity security. With a team of highly skilled professionals, the office embodies SailPoint's values of Integrity, Innovation, Impact and Individuals. 
 
Our Pune team works under a hybrid model enjoying the office 3 days a week (unless otherwise specified). We provide excellent office amenities, competitive salaries and strong benefits: 

• Our benefits program offers medical insurance for employees and their dependents, accident insurance and term life insurance for all employees. All premiums are paid by SailPoint. 

• Company sponsored health-checkups for employees and discounted rates for dependents 

• Annual performance bonus 

• 24 Leaves every year in addition, 10 holidays 

• Flexible Work hours

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.  

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations.  NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.