 |
Staff Security Engineer - San Francisco California
Company: Tbwa Chiat/Day Inc
Location: San Francisco, California
Posted On: 01/23/2025
Postman is the world's leading API platform, used by more than 35 million developers and 500,000 organizations, including 98% of the Fortune 500. Postman is helping developers and professionals across the globe build the API-first world by simplifying each step of the API lifecycle and streamlining collaboration-enabling users to create better APIs, faster.The company is headquartered in San Francisco and has an office in Bangalore, where it was founded. Postman is privately held, with funding from Battery Ventures, BOND, Coatue, CRV, Insight Partners, and Nexus Venture Partners. Learn more at postman.com or connect with Postman on X via @getpostman.As a Staff Security Engineer at Postman, you will be responsible for developing, maintaining, and evolving the security architecture across Postman's product lines. This role requires a deep understanding of security principles, cloud technologies, and product security best practices. You will work closely with product teams, engineering, and DevOps to integrate security into the architecture, ensuring robust protection against threats.What You'll Do - Security Architecture Design: Collaborate with product teams to maintain a security architecture framework that supports the secure deployment of Postman products and services. This includes advising GRC / Legal on security policies.
- Threat Modeling & Risk Assessment: Lead threat modeling and risk assessment to identify security vulnerabilities in existing and new systems. Recommend appropriate mitigation strategies.
- Technology Review & Evaluation: Evaluate new technologies and architectures from a security perspective, ensuring they meet security requirements.
- Security Strategy: Contribute to the development of long-term security strategy and roadmaps, ensuring alignment with product goals and business objectives.
- Incident Response: Work closely with the SOC to understand gaps in product architecture.
- Mentorship & Leadership: Mentor and provide guidance to junior security engineers and architects on security architecture principles and best practices.About YouExperience:
- 15+ years in a security architecture role with a focus on software products and platforms.
- Experience working within fast-paced, cloud-native environments.
- Proven experience with securing distributed systems, microservices, and APIs.
- Demonstrated knowledge of security frameworks, industry standards, and regulations (e.g., ISO 27001, SOC 2, GDPR).
- Hands-on experience with DevSecOps principles and integration of security within CI/CD pipelines.
- In-depth knowledge of cloud security best practices on the following platforms (AWS, Azure, Google Cloud).
- Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.
- Experience working cross-functionally with product, engineering, and operations teams.
- Proven leadership in driving security initiatives and integrating security into product development lifecycles.Preferred Skills:
|
 |
RSS Job Feeds