The position requires a passion for platform security, solving both technical and organizational changes, with the ability to work in a fast moving, distributed and agile development environment. You will have excellent communication skills and pay attention to the latest security trends and best practices.  

You will:

Own Platform Security Engineering for assigned Ping Identity products and tools Assist in developing and implementing Secure Software Development Lifecycle (SSDLC) practices Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment Perform security tasks including (but not limited to) threat modeling, developer training, static code analysis, dynamic runtime fuzzing, and exploit development. Innovate the automation of SSDLC tasks Collaborate with SRE and Engineering teams to secure platform infrastructure Assist the presales, support and customer success teams responding to prospect, customer and field questions related to product and industry security Engage with third-party security consultants for independent security assessments, bug bounties and penetration testing of the product

You have:

5+ years of proficiency in a mix of Enterprise Platform Security, API Security and Web Application Security 5+ years of developing commercial or open-source products (experience in Java preferred) or equivalent experience Experience securing services based cloud infrastructure, including Kubernetes and Infrastructure as Code (IaC) platform models. Understanding of network protocols and architectures such as TCP/IP, UDP, IPv6, IPSEC, TLS, HTTP/S, routing protocols Exceptional problem-solving skills, curiosity about the inner workings of systems and show attention to details and documentation Excellent written and oral communication skills

You have an advantage if you have: 

Experience with Linux environments, administration, security, and internals Experience with identity management (OAuth 2.x, OpenID Connect, SAML, Active Directory, 2FA/MFA, LDAP, SCIM, FAPI, OpenBanking, etc.) Experience in securing machine learning or generative AI platforms Experience with cloud deployment in Amazon AWS, Azure or Google Cloud Platform Security certifications such as CISSP, CSSLP, GIAC, OSCP

#LI-NY1