Listing Description

Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, pets, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of ecommerce, Poshmark makes buying and selling simple, social, and sustainable. 

What You’ll Do:

Become deeply involved in learning the tech stack, security products and processes, implement new technologies, security standards and best practices that may run in production. We’re nothing without our amazing team of leaders, innovators and dreamers; the people who put all the pieces together to deliver an unparalleled social shopping experience to the millions of people we connect each day.

Responsibilities

• DevSecOps, security automation


• Automate some of the security processes to shift left security and auto remediate critical issues


• Perform threat modeling security risk assessments of systems and provide recommendations to engineering teams


• Triage security issues reported by bug bounty platforms


• Develop standards and guidelines for specific product security areas


• Develop or modify security reporting capabilities

Experience relevant to Poshmark:

• Pursuing a Information security or Computer Science degree (or related field)


• Passionate about technology and security


• Good understanding of different security concepts and models in area of product, Infra, network and other security related areas


• Strong coding and automation skills using Python, Java etc.


• Well versed with data structures, algorithms and related computer science concepts


• A curious nature with a desire to tackle and solve complex problems


• Non-academic coding experience - Experience with Ethical hacking, participated in public bug bounty programs like BugCrowd/HackerOne or others


• Developing or contributing to opensource security projects. Example - OWASP projects