Overview
Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities. Designs and develops security features for products including systems, applications and/or solutions. Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle. Provides product security engineering recommendations and resolves integration and testing issues. Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Reviews and defines security diagnostics and tools to facilitate the analysis and reporting of security events. Detects and mitigates security risks, responds to product security incidents, and works with customers regarding product security related issues. Leads or participates in security architecture and design review meetings.
Responsibilities
- Provides product security engineering recommendations and resolves integration and testing issues.
- Works in collaboration with DSO, AppSec, Avattacks and SaaSOps.
- Data mining or extracting usable data from valuable data sources
- Using machine learning tools to select features, create and optimize classifiers
- Carrying out preprocessing of structured and unstructured data
- Enhancing data collection procedures to include all relevant information for developing analytic systems
- Processing, cleansing, and validating the integrity of data to be used for analysis
- Analyzing large amounts of information to find patterns and solutions
- Developing prediction systems and machine learning algorithms
- Presenting results in a clear manner
- Propose solutions and strategies to tackle business challenges
- Collaborate with Business and IT teams
- Create Dashboards
- Providing training, education, awareness, and communication to development and engineering groups
- Develop new solutions from scratch to ease the job for Product Security Engineers
- Evaluate the new tools and do PoCs to implement them
Qualifications
- 9-12 years' experience software development experience, preferring Go and Python
- Deep technical knowledge and experience identifying, triaging, and remediating application vulnerabilities including the OWASP Top 10
- Experience working with a variety of development tools, languages, and environments, including .NET, Java, PHP, Node.js, Ember, SQL Server, and Amazon Web Services, Kubernetees, Go Lang
- Experience with machine learning
- Experience working in a multi-tenant SaaS environment, service-oriented architecture, and web service security.
- Experience with agile software development processes and methodologies
- Working knowledge of source code repositories including Git
- Experience developing and securing applications in AWS.
Preferred Qualification
- Bachelor's Degree in Computer Science, Engineering, or related field
- Experience working with web vulnerability scanners such as Acunetix WVS or NTO Spider
- Security certifications including CISSP, CSSLP, and GIAC GWAPT
- Knowledge of regulatory and compliance standards including PCI, SSAE18 SOC 1/2, SOX, and GDPR
- Hands on experience in a continuous integration/continuous deployment environment
About Avalara
About Avalara:
We’re building cloud-based tax compliance solutions to handle every transaction in the world. Imagine every transaction you make — every tank of gas, cup of coffee, or pair of sneakers, every movie ticket, meal kit, or streamed song, every sensor-to-sensor ping. Nearly every time you make a purchase, physical or digital, there’s an accompanying unique and nuanced tax compliance calculation. The logic behind calculating taxes — the rules, rates, and boundaries is a global, layered, three-dimensional mess of complexity, with compliance dictated by governments and applied by every business, every day.Avalara works with businesses of all sizes, all over the world — from corner stores to gigantic global retailers — to calculate tax accurately and automatically, at speeds measured in milliseconds. That’s a massive technical challenge, in terms of scale, reliability, and complexity, and we do it better than anyone. That’s why we’re growing fast. Headquartered in Seattle, Avalara has offices across the U.S. and around the world, in Brazil, Canada, India, U.K, Belgium and across Europe.
Equal Opportunities
Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, colour, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law.
