Senior Product Security Engineer
| Company | SoFi |
|---|---|
| Location | Frisco, TX, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- Proficiency with programming languages, automation tooling, and API integrations
- Demonstrate deep understanding of Docker, Kubernetes, and CI/CD pipelines
- Good understanding of cloud services, AWS, and Well-Architected Framework security pillar
- Proficiency in managing services using Infrastructure as Code (IaC) such as Terraform and Helm/Kustomize/ArgoCD
- Knowledge of network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, DNS, routing protocols)
- Service Mesh/Istio, microsegmentation, and network security
- Ability to prioritize between and execute on multiple work streams
- Written and verbal skills for communicating security concepts and solutions
- Secure software development lifecycle / ‘Shift Left’
Responsibilities
- Deploy product security tools like SAST, DAST, IAST, SCA, etc to help uncover security issues early in the software development lifecycle.
- Build secure integrations following the SDLC process with various internal and external tools to create agile software security solutions.
- Keep security tools and deployments up to date. Ensure regular patching and upgrades and smooth running of tools.
- Help review development lifecycle integration with security tools and triage / debug any integration issues.
- Manage cloud security and WAF solutions to ensure SoFi’s infrastructure is secure.
- Participate in proof of concept to evaluate security solutions and services to help strengthen SoFi’s products against advanced Cybersecurity attacks.
- Work closely with security operations and application security engineers to review security gaps and develop mitigation strategies.
- Help with automation to support compliance with various regulatory and industry standards requirements.
Preferred Qualifications
- Bachelor’s degree in Computer Science or equivalent from a fully accredited college or university
- 4+ years experience in DevOps and Cloud/Infrastructure engineering
- Experience with cloud-native products and an in-depth understanding of microservice topologies and implementations
- 4+ years of experience with cloud technologies
- Ability to manage relationships with other business units, external vendors, and stakeholders when IT security risks are present and system or process changes must be made to mitigate risk
- Familiarity with AWS and at-scale services
- Knowledge of CI/CD, application development, and testing tools
- Ability to work in a fast-paced and Agile development environment
- Work and play well with others; SoFi is a collaborative environment