Product Security Engineer - Pendo Raleigh, North Carolina, United States Bookmark Share Print 78 0 0

Listing Description

Pendo is seeking a Product Security Engineer to join our growing Information Security team in Raleigh, North Carolina.  Reporting to our Manager of Product Security, you will be fulfilling a mission-critical role by helping to proactively identify and address security vulnerabilities in our products. We will be hiring for this role at either the associate, mid-level, or senior level depending on the candidate’s experience. A demonstrated passion for learning and a customer-focused mindset are critical for success. 


 


Responsibilities (what you’ll do):


As a member of Pendo’s Information Security team, you may be assigned to work solo or with other team members on tasks such as the following:



  • Responding to and triaging potential vulnerabilities that have been identified through internal processes (e.g. SAST, DAST, or composition analysis scans) or external sources (e.g. penetration tests or customer reports)

  • Writing tickets for each verified vulnerability

  • Identifying and assigning vulnerabilities to appropriate teams

  • Following up with teams to ensure prioritization of vulnerabilities in the appropriate sprints

  • Ensuring vulnerabilities are remediated within the designated SLA requirements

  • Maintaining security vulnerability dashboards and metrics

  • Deploying and managing application security vulnerability security tools

  • Identifying opportunities to automate tasks, and developing scripts to do so

  • Documenting processes in run books

  • Coordinating plans and operational tasks with auditors, vendors, and customers

  • Periodically conducting security awareness training sessions for Pendo staff

  • Note that some on-call work will be required


 


Qualifications (what you have):



  • A solid foundation of security knowledge, which may have been acquired through some combination of formal education, self-study, or on-the-job experience

  • Ability to self-manage assigned project tasks 

  • Ability to work independently with minimal direction

  • Strong written and verbal communication skills

  • Strong critical thinking and decision-making skills

  • A growth mindset and love of learning new technologies


 


Additional Preferred Qualifications:



  • A working knowledge of SAST and/or DAST application security vulnerability scanning tools

  • Demonstrated experience identifying and prioritizing security vulnerabilities

  • Demonstrated experience with threat modeling

  • Demonstrated experience with scripting and coding to automate systems and security administration tasks (e.g. using a language such as Python)


 


Pendo Description:


Pendo was founded in 2013 by former product managers, who combined their heads and hearts to build something they wanted but never had as product managers -- a simple way to understand and attack what truly drives product success.  Our mission is to improve society's experience with software.


Come join one of the fastest-growing startups, supported by best-in-class institutions like Battery Ventures, Salesforce Ventures, Spark Capital and Meritech. You will gain experience in a diverse and exciting set of technologies and clients and have a real impact on Pendo's future. Our culture is passionate, dynamic, and fun.


Benefits:



  • Company Equity

  • Open vacation policy

  • Frequent company and team-building events

  • Lots of company swag...hope you like pink!

  • We are located in Raleigh, North Carolina


EEOC


We are an equal opportunity employer and believe having diverse teams where everyone brings their whole self to Pendo is key to our success. We welcome all people of different backgrounds, experiences, abilities and perspectives.


Accessibility


Pendo is committed to working with, and providing access and reasonable accommodation to, applicants with mental and/or physical disabilities. If you think you may require an accommodation for any part of the recruitment process, please send a request to: accommodation@pendo.io. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765