Listing Description

We are looking for an experienced product security engineer to join the Security Partners team at GitHub. The Security partners team engages engineers and builds a culture of security into our everyday engineering workflows. Team is responsible for supporting and empowering product security champions across the org through impactful knowledge sharing sessions. Team also acts as a liaison between the application security team and the champions community. 

Responsibilities include - 

• Discover needs and drive security solutions across one or more of GitHub’s business units.


• Build deep relationships with product and engineering leaders for assessing security training needs


• Empower the product team and developers through well designed security awareness and security education programs.


• Act as a liaison between GitHub’s security teams and engineering teams to understand product architecture and assessing security needs


• Develop and maintain deep industry expertise in the product security areas


• Supports engineering teams by helping them assess risk, learn to identify architectural gaps, and similar activities.


• Creates secure engineering documentation, guidance, and similar collateral.


• Collaborate with the GitHub’s security teams to plan, develop and run security-related educational events such as CTFs, awareness campaigns, and periodic knowledge sharing sessions.


• Passionate about translating technical concepts into accessible language


• Collaborates with other teams within security to help identify new tools and processes to integrate into GitHub's Secure software development lifecycle.


• Enthusiastic about creating and applying innovative solutions to identified needs.


• Is generally an advocate for secure software development at GitHub.

Qualification

Note: if you are this close to the qualifications described in this posting, please don't let it discourage you from applying. We'd love to hear from you.

• Interest in engaging employees and encouraging the use of security best practices


• Experience in cross-functional collaboration with other teams and business functions


• Experience in managing complex programs, projects, and/or events


• An understanding of product security best practices


• Knowledge of web application vulnerabilities and mitigations


• Known for being a great communicator and collaborator


• Good written and verbal communication skills


• Background ( Software engineer/ developer interested in Security or Security engineer ) 

Preferred Qualifications

• Practical software development skills ( 2+ years) in any programming language (such as Python/ ruby on rails/ Go)


• Working knowledge of modern web security standards ( add examples)


• Experience using Git and GitHub