Remote › 100% remote position (in US or Canada)(Posted Dec 3 2021)
About the company MaxMind provides IP intelligence through the GeoIP brand. Over 5,000 companies use GeoIP data to locate their Internet visitors and show them relevant content and ads, perform analytics, enforce digital rights, and efficiently route Internet traffic. Businesses can obtain additional insights into their customers' connection speeds, ISPs, and more using GeoIP data. MaxMind's industry-leading minFraud service helps businesses prevent fraudulent online transactions and reduce manual review. The minFraud service is used to screen over 175 million e-commerce transactions and account registrations a month. Over 7,000 e-commerce and other online businesses benefit from the minFraud service through our client and partner networks.
starting at $130,000 USD or starting at $160,000 CAD with the specific offer depending upon skills and experience
MaxMind (www.maxmind.com) is looking for a talented, experienced, and highly motivated Product Security Engineer. We help protect thousands of companies worldwide from fraud, screening over a billion online transactions each year, and we provide IP intelligence data to thousands more. We want your expertise in supporting MaxMind’s product and development teams in the area of application security. This is a great opportunity for an experienced security engineer to execute their vision of what an effective and robust DevSecOps program should be.
We are hiring anywhere in Canada and in the following US states: CA, CO, FL, LA, MN, NV, NY State (excluding New York City and Yonkers), NC, OR, PA, TX, WA.
MaxMind does not currently sponsor US employment visas. For Canadian candidates, you must be eligible/authorized to work in Canada.
MaxMind employs a federated security operating model in order to move quickly and integrate security expertise in the engineering and development teams. Working with the Information Security Manager and Software Architects, you will have ownership of MaxMind’s secure software development practices.
Our salary range for Security Engineer roles begins at $130,000 USD or $160,000 CAD (in Canada), with the specific offer depending upon skills and experience. See more about benefits and compensation below.
This is a full time remote position.
On any given day you may end up doing any of the following:
- Conduct design reviews with engineers to make sure the right security features are making it into the products - taking into consideration the domestic, international, and industry security and privacy regulations and frameworks.
-Participate in and support application security reviews and threat modeling, including: Secure code review. Support the code review process by providing 1-1 guidance, group training, creating documentation as needed, and performing ad hoc secure code review as needed. Dynamic testing, using tools like Burp Suite or mitmproxy for examining app interactions.
- Design and drive application security vulnerability management across different technologies. You will coordinate with engineering teams to validate findings, prioritize findings/assets, remediate and verify mitigations, and internal reporting for management.
- Assist with vendor reviews by evaluating new and existing vendors. As well as evaluating tools, libraries, services, and other software for security and privacy issues.
Coordinate the creation and maintenance of technical security documentation.
Identify areas for internally created and externally provided application security training.
- Assist in development of automated tooling and processes to support our internal operations. For example, creating audit scripts to help with compliance efforts.
- Assist with risk assessments and security questionnaires.
- Practice security assurance by identifying and directing areas to enhance monitoring in order to verify that policy and procedures are adhered to and that controls are operational.
- Lead Information Security policy creation and maintenance of application and developer focused policies by refactoring security policies and standards to focus on the right controls, using ISO 27001, SOC, OWASP, and NIST frameworks.
- As a member of the incident response team, assist with the overall lifecycle of an incident, from triaging to lessons learned.
About You - Minimum Qualifications
- Experience commensurate with 5 years of work in an application, product, or security engineering related role.
- Experience with coding and reading multiple programming languages in the context of web services and secure coding practices.
- Knowledge of penetration testing techniques and ability to implement them appropriately.
- Ability to configure, operate, and tune vulnerability scanning tools.
- Ability to lead threat modeling.
- Strong knowledge of secure development practices for web applications and services, and capability to train others in them.
Highly desired, but not required
- Front-end and/or back-end development experience.
- Experience working with static and/or dynamic programming languages.
- SQL databases, ideally PostgreSQL.
- Application security experience in a cloud environment.
Diversity and Inclusion
We're committed to diversity and inclusion and are mindful of incorporating them into all aspects of our company.
We encourage and sincerely welcome applications from candidates of color, women, queer candidates, candidates with family caregiving responsibilities, transgender candidates, and from other communities not well represented in the tech world.
See our complete diversity and inclusion statement - https://www.maxmind.com/en/company/working-at-maxmind.
You can read more about our company and benefits in our full job description, click Apply below to go to our site.
Resumes without cover letters will not be considered. We want to know about you. Please tell us why you’re interested in MaxMind and in this position in particular. Please share any projects or accomplishments and include a link so we can learn more. One of the first steps in our interviewing process is a homework assignment, and we will ask you for a submission so we can gain insight into your work.
Instructions how to apply Apply at this url: https://www.golangprojects.com/golang-go-job-exp-Remote-Product-Security-Engineer-MaxMind-Inc-remotework.html Please mention that you found the job at Golangprojects.com
[ job website ]