Lead Product Security Engineer
Gong transforms revenue organizations by harnessing customer interactions to increase business efficiency, improve decision-making, and accelerate revenue growth.
The Revenue Intelligence Platform uses proprietary artificial intelligence technology to enable teams to capture, understand, and act on all customer interactions in a single, integrated platform.
As a Sr. Product Security Engineer, you'll play a pivotal role in leading product security initiatives, ensuring robust protection against potential vulnerabilities, and shaping secure coding practices across the organization.
Responsibilities:
- Lead cross-functional team activities, integrating advanced security best practices throughout the product development lifecycle.
- Conduct and oversee regular security assessments, including in-depth code reviews, threat modeling, and vulnerability assessments, to identify and mitigate security weaknesses.
- Develop, implement, and automate sophisticated security controls and mechanisms to protect against unauthorized access, data breaches, and other security threats.
- Architect and design secure software and infrastructure components, ensuring scalability, reliability, and robustness.
- Implement and manage cloud security measures, ensuring the security of our cloud infrastructure and services.
- Utilize security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST) to identify and address security vulnerabilities.
- Mentor and guide developers and Dev Ops teams, fostering a culture of security awareness and continuous improvement.
- Stay updated with the latest security trends, threats, and technologies, and proactively implement improvements to our security posture.
- Collaborate with other security teams to address vulnerabilities and enhance our security protocols.
Qualifications:
- 5+ years of experience in Information Security.
- Extensive experience and deep understanding of software development fundamentals and secure coding principles.
- Proficiency in identifying and mitigating common and advanced security vulnerabilities and attack vectors, including an in-depth understanding of the OWASP Top 10.
- Strong expertise in cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
- Proficiency with version control systems and CI/CD tools such as Git Hub, Git Lab, Jenkins, and others.
- Experience with security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST).
- Strong analytical and problem-solving skills with the ability to think critically and strategically.
- Excellent communication and collaboration skills with the ability to influence and drive security initiatives across the organization.
- Experience mentoring and guiding junior engineers, developers, and Dev Ops teams in security practices.
Perks & Benefits:
- Education & learning stipend to support your personal growth and development.
- Annual Leave / Paid Parental leave to support you and your family.
- Company-wide recharge days each quarter.
- Work from home allowance to help you succeed in a remote environment.
What Makes Security at Gong Unique:
Gong empowers employees with ownership to solve complex problems, make the right decisions, and build the best products that create radical impact.
Our security team brings a wealth of backgrounds, experience, and wisdom to the table, embracing the mindset of "let's explore how we can make it work."