Product Security Engineer
Ping Identity | Security (8100)
Ping Identity is the visionary leader in the Identity and Access Management market. We are pioneering the use of identity as the basis of security in large enterprises globally.
Ping Identity is looking for an Application Security Engineer to join their Security team. Seeking information technology security analysis and expertise. Come be part of something extraordinary.
As an Application Security Engineer working in our Austin office you will gain invaluable experience at a visionary security company. The position requires a passion for application security, the ability to work in a fast moving, distributed and agile environment, excellent communications skills, and attention to latest security best practices.
- Own Security Engineering for assigned Ping Identity products and tools
- Assist in developing and implementing Secure Software Development Lifecycle (SSDLC) practices
- Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment
- Perform security tasks including (but not limited to) threat modeling, secure code analysis, training, static, dynamic and interactive analysis, fuzz testing, automated and manual security testing
- Innovate the automation of SSDLC tasks
- Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security
- Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product
- 2+ years of performing Web Application Security
- 3+ years of developing commercial products (experience in Java preferred)
- Experience in securing mobile applications
- Understanding of network protocols and architectures such as TCP/IP, UDP, IPv6, IPSEC, TLS, HTTP/S, routing protocols
- Exceptional problem-solving skills, curious about the inner workings of systems and show attention to details
- Excellent written and oral communication skills
- Experience with Linux environments, administration, security, internals
- Experience with identity management (OAuth 2.0, OpenID Connect, SAML, Active Directory, MFA, LDAP, SCIM, etc.)
- Experience in securing native, desktop, cloud or mobile applications
- Experience with cloud deployment in Amazon AWS, Azure or Google Cloud
- Security certifications such as CISSP, CSSLP, GIAC, OSCP