Senior Product Security Engineer
- Toast
- 5 - 9 years
- Bengaluru
- 2 months ago
- Email to a friend
- Report this job
Job Description
- Identify, triage, and provide remediation guidance for application vulnerabilities.
- Select, implement, design, or build tools to thwart attacks of all shapes and sizes.
- Improve developer tooling and adoption to build a more robust SSDLC.
- Practice a #OneTeam attitude to help other Toast teams make informed, security-conscious. decisions when building new software.
- Support and expand the Security Champions program, providing edge security guidance and training.
- Assist incident response teams with application security expertise and tools.
- Think like an attacker to identify weaknesses in application architecture.
- Support Cloud and Network Infrastructure Engineerings implementation of edge security solutions.
- Influence the implementation and rule maintenance of our WAF strategy and other edge security solutions.
- Advise on WAF rules and policies to protect against common and emerging threats.
- Conduct regular assessments of our edge security posture and recommend improvements.
- Provide expertise on Content Delivery Networks (CDNs) and their security features.
- 5+ years of experience in application security
- Strong knowledge of common web application vulnerabilities and edge-based attack vectors.
- Proficiency in analyzing web traffic patterns and identifying anomalies.
- Knowledge of compliance standards relevant to the financial industry (e.g., PCI DSS, SOC 2).
- Excellent problem-solving skills and ability to think creatively about edge security challenges.
- Strong communication skills, with the ability to explain complex edge security concepts to both technical and non-technical audiences.
- Strong understanding of cloud application architecture and common weaknesses.
- Understanding of WAF configuration, tuning, and optimization.
- Popular WAF solutions (e.g., AWS WAF, Cloudflare, Akamai, ModSecurity).
- Familiarity with CDN technologies and their security features.
- Cloud and container security technologies and SSDLC tooling (e.g. SAST/DAST/SCA)
- Infrastructure-as-code (IaC) technologies like Terraform to manage cloud security services
- Securing financial technologies
Job Classification
Industry: Software ProductFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Application Security EngineerEmployement Type: Full timeContact Details:
Company: ToastLocation(s): Bengaluru
Keyskills: PCI DSS remediation cloud security Web technologies SOC Finance Security services Infrastructure Application security application architecture
Similar positions
Toast
Toast empowers restaurants of all sizes to build great teams, increase revenue, improve operations, and delight guests. We pair our deep understanding of the restaurant industry with powerful cloud based software and restaurant-grade hardware to deliver an intuitive, all-in-one platform, across poin...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in