Gong Sr Product Security Engineer 

Israel, Tel Aviv District, Tel Aviv-Yafo 

892530668

As a Sr. Product Security Engineer, you'll play a pivotal role in leading product security initiatives, ensuring robust protection against potential vulnerabilities, and shaping secure coding practices across the organization. Your expertise will drive the security of our products to new heights.

As a Sr. Product Security Engineer you will be responsible for:

• Cross-Functional Leadership: Lead cross-functional team activities, integrating advanced security best practices throughout the product development lifecycle.
• Security Assessments: Conduct and oversee regular security assessments, including in-depth code reviews, threat modeling, and vulnerability assessments, to identify and mitigate security weaknesses.
• Security Controls: Develop, implement, and automate sophisticated security controls and mechanisms to protect against unauthorized access, data breaches, and other security threats.
• Secure Architecture: Architect and design secure software and infrastructure components, ensuring scalability, reliability, and robustness.
• Cloud Security: Implement and manage cloud security measures, ensuring the security of our cloud infrastructure and services.
• Security Tools Utilization: Utilize security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST) to identify and address security vulnerabilities.
• Mentorship: Mentor and guide developers and DevOps teams, fostering a culture of security awareness and continuous improvement.
• Stay Updated: Stay updated with the latest security trends, threats, and technologies, and proactively implement improvements to our security posture.
• Collaboration: Collaborate with other security teams to address vulnerabilities and enhance our security protocols.

You should apply if you have:

• 5+ years of experience in Information Security.
• Extensive experience and deep understanding of software development fundamentals and secure coding principles.
• Proficiency in identifying and mitigating common and advanced security vulnerabilities and attack vectors, including an in-depth understanding of the OWASP Top 10.
• Significant experience developing and securing web applications using technologies such as Java, JavaScript, Python, TypeScript, and React.
• Strong expertise in cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
• Proficiency with version control systems and CI/CD tools such as GitHub, GitLab, Jenkins, and others.
• Experience with security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST).
• Strong analytical and problem-solving skills with the ability to think critically and strategically.
• Excellent communication and collaboration skills with the ability to influence and drive security initiatives across the organization.
• Experience mentoring and guiding junior engineers, developers, and DevOps teams in security practices.

for more details.