Product Security Engineer

IT & Security United States


Description

We are looking for Product Security Engineer to join our small, but mighty security team and help us protect the platform we provide to clients. We are looking for someone who is eager dive in, identify risks, communicate them, and create a plan to address them. If you are inherently curious and passionate about security, we want to hear from you.

Why This Job Is Important 

You’ll help us keep the platform which hosts Data & Insights solutions on our global government client base secure, now and into the future. Our platform empowers government employees to securely share data with other departments, non-profits, and the public to collaborate and deliver high-impact community improvement projects. What we do matters. New York, Seattle, San Francisco and 300+ other cities, states and counties use us to connect citizens with information that matters to their day to day life. 

You will work closely with the product development team (engineers, product managers, designers, and others) in this highly collaborative role! This is a chance to drive security at scale for a multi-tenant cloud platform with terabytes of need-to-share data.

Responsibilities

In a typical week, you might...

  • Provide product security engineering recommendations during the product development lifecycle, design through deployment
  • Lead a security architecture review
  • Participate in code review with the engineering team 
  • Perform a practical security assessment (SAST, DAST, IAST, and beyond)
  • Build security requirements & metrics to support continuous improvement over time
  • Coach and collaborate with team members to normalize security best practices (i.e. developers, QA, design, and product teams)
  • Coordinate, reproduce, and validate reported security findings from clients, cross-team researchers, and third-party penetration tests
  • Make security tooling and automation improvements for incident and intrusion monitoring, detection, and response

Qualifications

The Ideal Candidate 

  • You have at least 4-6 years of experience in QA, testing, product security, or similar development focused work.
  • Tools we’d love you to have experience with one or more DAST tool such as AppSpider, Burp Suite Pro InsightAppSec, Netsparker, Checkmarx, HP WebInspect.
  • You have skills in one or more of the following workflows: Threat Analysis, Remediation, Programming, Security Automation, Penetration Testing, Incident Response, IAM, Bug Bounty, Threat Hunting.
  • If you have one or more of these certifications, that would be splendid: OSCP, Certified Ethical Hacking (CEH).
  • Additionally, if you have experience with Linux, Ubuntu, AWS, Red Hat, that would be a great asset and very helpful.
  • Ability to pass a federal background check required

You belong here! Nobody checks every box and if your experience and interests match some of the above, we would love to hear from you.

About Us

Tyler Technologies (NYSE: TYL) provides integrated software and technology services to the public sector. Tyler's end-to-end solutions empower local, state, and federal government entities to operate more efficiently and connect more transparently with their constituents and with each other. By connecting data and processes across disparate systems, Tyler's solutions are transforming how clients gain actionable insights that solve problems in their communities. Tyler has more than 37,000 successful installations across more than 12,000 locations, with clients in all 50 states, Canada, the Caribbean, Australia, and other international locations. Tyler has been recognized numerous times for growth and innovation, including Government Technology’s GovTech 100 list and Forbes’ “Most Innovative Growth Companies” list. More information about Tyler Technologies, an S&P 500 company headquartered in Plano, Texas, can be found at https://www.tylertech.com/. To learn more about our Data & Insights solutions, visit https://www.tylertech.com/solutions/transformative-technology/data-insights.

Additionally, we aspire to be remarkable: in the culture we create, the products we build, and the services we deliver. We believe a diverse team that embodies different backgrounds and experiences is necessary for us to be the best we can be. Within the company, we pursue a culture of inclusivity by identifying and removing aspects of our culture that stop people from being able to do the best work of their lives in physical and emotional safety, while being their authentic selves. We seek diversity, equity, and inclusion across our organization and in our daily work as individuals.

We understand change takes time and that we still have work to do; however, we are committed to making continual progress.