Clash
of Jobs
Browse All Jobs
Job Description
Postman is seeking a Senior Security Engineer to join their team. This role involves mentoring junior engineers, improving security tooling, conducting security training, and identifying and remediating vulnerabilities in web applications and cloud infrastructure. The Senior Security Engineer will also write and review technical proposals, architectural diagrams, application code, and IaC. They will use automated and manual testing techniques to improve understanding of the environment and reduce false negatives.
Role involves:
- Mentoring junior security engineers
- Improving security tooling and processes
- Conducting security talks and training sessions
- Identifying and remediating vulnerabilities
- Writing and reviewing technical documentation
Requirements:
- Experience as a Senior Security Engineer securing web applications and APIs
- Experience conducting threat modeling, security reviews, and risk assessments
- Project management experience leading security improvement initiatives
- Proficiency in one or more high-level programming languages
- Proficiency with developer tools and processes (Github, CI/CD, containers, IaaS/PaaS, APIs, etc.)
- Experience securing data to meet privacy requirements
- Deep understanding of securing AWS environments
- Experience deploying AppSec tools throughout the SDLC
- Understanding of web security mechanisms (SOP, CORS, CSP, etc.)
- Strong understanding of authentication/authorization protocols (OAuth, SAML, JWT)
Postman offers:
- Competitive equity package
- Full medical coverage
- Flexible PTO
- Wellness reimbursement
- Monthly lunch stipend
- Hybrid work model (3 days a week in office for San Francisco Bay Area based employees)
