Senior Software Engineer, CorpSec

Role Overview

The security team leads efforts to ensure systems are secure and worthy of user trust. This involves designing security architecture, consulting on new products, and responding to incidents. This role focuses on performing service and application security reviews and automating quality gates within the software release pipeline. The goal is to build a series of automated controls that constantly validate security status through tooling and automation.

Responsibilities

• Architect and build services that improve system security with a focus on scalability and minimizing friction.
• Partner with IT and infrastructure teams to design, build, and maintain performant authentication and authorization systems.
• Own the security posture of identity infrastructure, including SSO implementations, MFA strategies, access provisioning workflows, and identity lifecycle management.
• Share knowledge by giving tech talks and evangelizing engineering best practices.
• Collaborate with cross-functional teams to ensure security best practices are leveraged during feature rollouts and service expansions.
• Conduct penetration testing, code reviews, and breach readiness assessments across online and mobile infrastructure.
• Proactively research new attack vectors and implement automated code security quality gates.
• Build and maintain relationships with key internal and external partners.

Requirements

• 5+ years of software engineering experience with a high-level programming language (experience with Python, Go, and shell scripts is preferred).
• 3+ years of experience in computer security.
• Identity and Access Management (IAM) security experience with platforms such as Okta, Duo Security, Microsoft Entra ID (Azure AD), or similar identity providers.
• Experience securing identity protocols and standards, including OAuth 2.0, OIDC, SAML, SCIM, and JWT.
• Proficiency in threat modeling, code review, and penetration testing against cloud environments and mobile platforms (iOS/Android).
• Ability to conduct code reviews in languages such as Python, Go, Java, Swift, or Objective-C.
• Development skills to automate code security assessments.
• Strong understanding of computer networking concepts, protocols, and network security architecture principles like defense-in-depth.
• Excellent communication skills with the ability to present findings and recommendations to leadership.
• Ability to manage multiple tasks and priorities independently with minimal supervision.
• Note: Please submit your resume in English.