Senior Product Security Engineer

Narvar is growing! We are actively seeking a highly skilled and experienced Senior Product Security Engineer to join our fast-paced Security team. We are looking for a Product Security Engineer who is inquisitive and has a passion for building secure by design products in partnership with our Engineering teams. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis.

Our ideal candidate has a proven track record in security engineering, possesses a deep understanding of the latest security trends, and is capable of devising innovative solutions to protect our products and customer data by engaging hands-on with engineering. If you are passionate about cybersecurity and have the expertise to be a driver for security, we invite you to apply and be a vital part of Narvar.

Day-to-day

• Provide security recommendation and guidance to engineers working on a wide-array of products in different programming languages (Java, Golang, Javascript, Ruby, etc.).
• Play an integral part in building secure by design products by assisting teams throughout the software development lifecycle.
• Perform threat modeling sessions with teams using the STRIDE model
• Conduct security reviews (internal penetration testing)
• Conduct design and code reviews throughout the software development lifecycle
• Review infrastructure decisions and ensure they follow security best practices (Rate limiting, IAM, Network boundaries, etc.)
• Provide leadership with regular updates on risks and vulnerabilities across our products and services.
• Perform internal penetration testing and participate in internal red team exercises.
• Vulnerability Management: Identify, triage, and manage security vulnerabilities identified in our products. Guide engineering teams on recommended mitigations.
• Build, manage and improve security tooling and automation.
• Most Importantly: Be a Champion of Security at Narvar.

What we’re looking for

• Have 5+ years of combined software development and security experience.
• Have strong understanding of application and infrastructure security, including hands-on exploitation skills.
• Have a strong understanding of container deployment, specifically Kubernetes architecture and can read and write Infrastructure code (Terraform and Helm).
• Have familiarity with secure development practices and security testing techniques such as but not limited to: Principle of least privilege, Identity and Access Management, Isolation and Segmentation etc.
• Have the ability to explain complex security issues and their impact to diverse audiences.
• Have deployed and managed security tools and features (Threat Detection and Analysis, DLP, API Security, SAST, DAST, etc.)

Note: We currently are operating on a hybrid model and we are only looking for people that are ready to work out of our Bangalore office.

Why Narvar?

We're on a mission to simplify the everyday lives of consumers. Post-purchase is a critical phase of the customer journey. That's why we created Narvar - a platform focused on driving customer loyalty through seamless post-purchase experiences that allow retailers to retain, engage, and delight customers. If you've ever bought something online, there's a good chance you've used our platform!

From the hottest new direct-to-consumer companies to retail’s most renowned brands, Narvar works with GameStop, Neiman Marcus, Sonos, Nike, and 1300+ + other brands. With hubs in San Francisco, Atlanta, London, and Bangalore, we've served over 125 million consumers worldwide across 10+ billion interactions, 38 countries, and 55 languages.

Pioneering the post-purchase movement means navigating into the unknown. Our team thrives on this sense of adventure while nurturing a mindset of innovation. We're a home for big hearts and we leave our egos at the door. We work hard but we always make time to celebrate professional wins, baby showers, birthday parties, and everything in between.

We are an equal-opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-SA1

#LI-Hybrid