Product Security Engineer

Tableau Seattle , WA 98113

Posted 5 days ago

How do you feel when you've eliminated an entire class of potential security issues - across an entire Development organization - and ensured through automation that it will stay that way? We'd love for you to experience this thrill with us on the Tableau Product Security team! We're seeking a self-motivated engineer to lead our efforts in building security scanning into our continuous integration build pipeline, and enabling development teams with secure, foundational tools and resources. You'll be joining a group of like-minded engineers who are passionate about building robust products, leveraging automation testing and tooling, and scaling solutions to meet the security needs of a large development organization.

What you'll be doing...

  • Integrating static analysis and other security scans into build and test pipelines, and ensuring through automated processes that corresponding findings are appropriately visible, tracked, and addressed.

  • Helping define "gold standard" images, tools, libraries, frameworks, and/or coding techniques that enable and streamline secure software development.

  • Helping conduct security reviews to help teams understand risks to their services before they see the light of production.

  • Identifying key risks, communicating them, and collaborating with engineering teams to build a plan to address them.

  • Advocating for security across the company to both engineers and leadership.

  • Scaling yourself by training Tableau Security Champions on engineering teams.

Who you are...

  • An Engineer at Heart. Preferably with a cross-platform engineering background, who admires well-designed, scalable systems.

  • Experienced. You've worked in and around the security field for 5 - 10 years, preferably in multiple domains such as risk, policy, hardening, incident response, cryptography, IAM, networking, application security, or security assessments.

  • Automation-focused. You get twitchy when you're doing something robots should be able to do. An ability to automate processes and standards is required (Python, Ruby, Go, Powershell, Java, etc).

  • A Good Communicator. You could explain SQL injections to your non-technical relatives, and have them writing parameterized queries in no time. You'll be contributing to security reviews across a large number of teams helping them understand risks and how to address them.

  • Broad Security Awareness and Leadership. You've worked in multiple security areas, and have driven maturity improvements in significant portions of a security engineering program.

  • You are a Recruiter! Tableau hires company builders and, in this role, you will be asked to be on the constant lookout for the best talent to bring onboard to help us continue to build one of the best companies in the world!


Tableau Software is an Equal Opportunity Employer.

Tableau Software is a company on a mission. We help people see and understand their data. After a highly successful IPO in 2013, Tableau has become a market-defining company in the business intelligence industry. Our culture is casual and high-energy. We are passionate about our product and our mission and we are loyal to each other and our company. We value work/life balance, efficiency, simplicity, freakishly friendly customer service, and making a difference in the world!

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Security Engineer Web Application Pentester


Posted Today

VIEW JOBS 3/20/2019 12:00:00 AM 2019-06-18T00:00 Sr. Security Engineer - Web Application Pentester Seattle, WA Who We Are The Information Security (InfoSec) team is a blend of security engineers and security-focused software engineers helping ensure Twitter builds and maintains secure software. In addition we consult, develop tooling, and advocate and train engineers throughout the SDLC to ensure security is prioritized at each step of development. What You'll Do: Review implementation code and perform web application pentesting on critical products and features; identify security flaws and suggest remediations. Working to identify areas of security weakness. This includes manual penetration testing and automation for finding vulnerabilities. Finding ways to improve defense-in-depth. Helping engineers design more secure systems via design input or code review. Research new threats, attack vectors and risks Describe business impact of identified vulnerabilities to engineering and management Provide guidelines and best practices for fixing the identified vulnerabilities. Provide security expertise and guidance to twitter engineering and business teams Build, automate, and operate security review capabilities for Twitter, such as static and dynamic code analysis across multiple technology stacks and languages Qualification: You will meet most (but need not meet all) of the following points: * 5+ years of experience in application-level vulnerability testing and code-level security reviews * Web application pentesting experience * Strong understanding of web (OWASP Top 10) or mobile application security * Experience in doing automated testing via scripting or programming languages (Python, Java, Scala, shell etc) * Experience with Burp Suite, OWASP Zap or other proxying and scanner tools. * Experience with Kali Linux distribution. * Role can be located in Seattle, WA/San Francisco, CA/Boulder, CO Twitter offices. We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status. Twitter Seattle WA

Product Security Engineer