Senior Product Security Engineer
Indexed description
Come join our highly visible, fast-growing software product security team where you will have a high impact on the security of all MathWorks products and online services.
As a senior member of the team, you will take on a leadership role in key security projects. You will drive strategic security initiatives, build innovative tools, develop security architecture insights, track emerging threats, and enable us to achieve world-class security for MATLAB, Simulink, Mobile, IoT, Web, MATLAB Online and Server Products.
MathWorks staff enjoy a hybrid work-from-home model featuring both home-office flexibility as well as in-office meeting days for optimized collaboration.
MathWorks nurtures growth, appreciates inclusivity, encourages initiative, values teamwork, shares success, and rewards excellence.
Responsibilities
- Guide teams in the adoption of Secure Development practices including Threat Modeling, Security Architecture review, Static/dynamic and secure coding practices.
- Improve security standards, processes, and tooling to support MathWorks Product and services and “shift left” of security within the development lifecycle
- Improve security standards, processes, and tooling into CI/CD pipelines (SAST, DAST, dependency scanning, IaC scanning, policy enforcement) to support MathWorks Product and services and “shift left” of security within the development lifecycle
- Perform vulnerability management, including open-source software
- Provide application security expertise to support vulnerability response process
- Perform penetration testing of different products and applications
- Experience with application security such as OWASP Top 10
- Collaborate with external security researchers
- Ability and passion to coach and mentor junior members of the security team
- Ability to analyze and solve complex problems
- A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.
- Proficient in one or more programming languages (Python/C++/JavaScript)
- Demonstrated experience in triaging findings from security tools, penetration testing, bug bounty programs, and the external research community
- Strong understanding of application security assessment techniques, threat modeling, general secure software development practices
- Secure AI/ML-driven applications by addressing risks such as data exposure, model misuse, and prompt injection across applications
- Effective communications and influence with senior management and product teams
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search