Senior Product Security Engineer
- Toast
- 5 - 9 years
- Bengaluru
- 9 months ago
- Email to a friend
- Report this job
Job Description
- Identify, triage, and provide remediation guidance for application vulnerabilities.
- Select, implement, design, or build tools to thwart attacks of all shapes and sizes.
- Improve developer tooling and adoption to build a more robust SSDLC.
- Practice a #OneTeam attitude to help other Toast teams make informed, security-conscious. decisions when building new software.
- Support and expand the Security Champions program, providing edge security guidance and training.
- Assist incident response teams with application security expertise and tools.
- Think like an attacker to identify weaknesses in application architecture.
- Support Cloud and Network Infrastructure Engineerings implementation of edge security solutions.
- Influence the implementation and rule maintenance of our WAF strategy and other edge security solutions.
- Advise on WAF rules and policies to protect against common and emerging threats.
- Conduct regular assessments of our edge security posture and recommend improvements.
- Provide expertise on Content Delivery Networks (CDNs) and their security features.
- 5+ years of experience in application security
- Strong knowledge of common web application vulnerabilities and edge-based attack vectors.
- Proficiency in analyzing web traffic patterns and identifying anomalies.
- Knowledge of compliance standards relevant to the financial industry (e.g., PCI DSS, SOC 2).
- Excellent problem-solving skills and ability to think creatively about edge security challenges.
- Strong communication skills, with the ability to explain complex edge security concepts to both technical and non-technical audiences.
- Strong understanding of cloud application architecture and common weaknesses.
- Understanding of WAF configuration, tuning, and optimization.
- Popular WAF solutions (e.g., AWS WAF, Cloudflare, Akamai, ModSecurity).
- Familiarity with CDN technologies and their security features.
- Cloud and container security technologies and SSDLC tooling (e.g. SAST/DAST/SCA)
- Infrastructure-as-code (IaC) technologies like Terraform to manage cloud security services
- Securing financial technologies
Job Classification
Industry: Software ProductFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Application Security EngineerEmployement Type: Full timeContact Details:
Company: ToastLocation(s): Bengaluru
Keyskills: PCI DSS remediation cloud security Web technologies SOC Finance Security services Infrastructure Application security application architecture
Similar positions
Toast
Toast, Inc. is a cloud-based restaurant management software company founded in 2012, offering an Android-based point of sale (POS) system for restaurants and bars. The company went public in 2021 and is valued at around $20 billion. Toast is used in approximately 120,000 US restaurants and expande...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in