Homeoffice Senior Product Security Engineer na GitHub, Inc.
GitHub, Inc. · Estados Unidos Da América · Remote
- Senior
About GitHub:As the global home for all developers, GitHub is the complete AI-powered developer platform to build, scale, and deliver secure software. Over 150+ million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate and experiment across 420+ million repositories. With all the collaborative features of GitHub, it has never been easier for individuals and teams to write faster, better code.
Locations:In this role you can work from Remote, United States
Overview:
These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.GitHub Leadership Principles:
Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
Join us, and let’s change the world, together.
EEO Statement:GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate! Candidatar-se agora
Locations:In this role you can work from Remote, United States
Overview:
GitHub is transforming how the world builds secure software, and we are looking for a skilled Product Security Engineer to join our Security Services organization. This role is integral in ensuring the security of our software products by performing comprehensive security analyses, identifying vulnerabilities, and collaborating with product and engineering teams to embed security best practices throughout the development lifecycle.
The ideal candidate is passionate about security, with a strong focus on discovering and mitigating risks across GitHub’s products and services. You will engage with internal and external stakeholders, provide expert guidance, and play a key role in driving security initiatives across the organization.
Responsibilities:- Analyze complex issues using multiple data sources to identify security problems and drive their resolution across systemic security issues.
- Lead large-scale security reviews and work on architectural and design security reviews for feature areas, ensuring best practices for security architecture, design, and development are in place.
- Collaborate with product and engineering teams to integrate security into the design, development, and deployment processes, providing insights on security designs through risk assessments, design reviews, and threat modeling.
- Apply subject matter expertise to identify potential security issues, tools, mitigations, and processes, staying current with the evolving security landscape and sharing expertise with others through coaching.
- Identify, prioritize, and manage moderately complex security issues that cause negative impact to customers, creating and driving the adoption of relevant mitigations.
- Prepare leaders to respond to security threats that have significant reputational risks and translate highly technical information to nontechnical audiences to effectively communicate security risks.
- Develop and maintain secure engineering documentation, guidance, and other collateral to support security best practices across the organization.
Required Qualifications:
- 7+ years experience in security analysis, security research, cyber security, security engineering, software engineering, or relevant area
- OR Associate's Degree AND 6+ years experience in security analysis, security research, cyber security, security engineering, software engineering, or relevant area
- OR Bachelor's Degree AND 5+ years experience in security analysis, security research, cyber security, security engineering, software engineering, or relevant area
- OR Master's Degree AND 3+ years experience in security analysis, security research, cyber security, security engineering, software engineering, or relevant area
- OR Doctorate AND 1+ year(s) experience in security analysis, security research, cyber security, security engineering, software engineering, or relevant area
- OR equivalent experience.
- 1+ year(s) experience in coding or software development.
Preferred Qualifications:
- Experience with cloud security and modern software development practices.
- Relevant security certifications such as OSWE, Burp Suite Certified Practitioner (BSCP), or equivalent.
- Strong expertise in security principles, including the Security Development Lifecycle (SDL), and experience in vulnerability management.
- Proven ability to influence others and effectively communicate and translate complex technical security concepts into actionable insights for diverse technical and non-technical audiences.
- Proven ability to collaborate effectively with cross-functional teams to drive security initiatives.
These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.GitHub Leadership Principles:
GitHub values
- Customer-obsessed
- Ship to learn
- Growth mindset
- Own the outcome
- Better together
- Diverse and inclusive
Manager fundamentals
- Model
- Coach
- Care
Leadership principles
- Create clarity
- Generate energy
- Deliver success
Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms.
Join us, and let’s change the world, together.
EEO Statement:GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate! Candidatar-se agora
