Product Security Engineer
Job Description:
The security team at Peloton has oversight into the security practices of the entire organization, instantiating security policies and best practices, as well as automation of these policies/practices where possible. The security team at Peloton is looking for a Product Security Engineer to join our growing team to work across disparate teams. As a Product Security Engineer, you would ensure the security of Peloton's products and services.
Responsibilities:
- Perform security assessments and design reviews; make recommendations to improve security posture.
- Have experience in Pen-testing, vulnerability research, and threat modeling.
- Secure architecture design; provide training to security and internal development teams.
- Assist in the implementation of product features like authentication, cryptography.
Requirements:
- Have experience working on a security team performing technical security assessments on modern web applications, APIs, and mobile applications within cloud hosted environments such as AWS, GCP.
- Experience with manual secure code review in languages such as Javascript, Python, Node.js, Ruby
- Experience integrating security into CI/CD pipelines
- Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Checkmarx, Veracode, AppSpider, Coverity, NetSparker
- Knowledge of software security testing procedures across multiple platforms and Operating Systems.
- Understanding of Agile software development methods and familiarity with enterprise productivity tools such as JIRA, confluence
- Experience instituting organizational change with respect to security
- Effective spoken and written communicator to multiple audiences
- B.S. Computer Science in a related field, or equivalent experience
Nice to haves
- Experience and familiarity with NIST, PCI, et. al. frameworks.
- Familiarity with Peloton products and services is a plus
- Experience with bug bounty programs
- Experience with CDNs such as Fastly, Cloudflare, Cloudfront, Akamai
- Experience with Android development
ABOUT PELOTON:
Founded in 2012, Peloton is a global interactive fitness platform that brings the energy and benefits of studio-style workouts to the convenience and comfort of home. We use technology and design to bring our Members immersive content through the Peloton Bike, the Peloton Tread, and Peloton Digital, which provide comprehensive, socially-connected fitness offerings anytime, anywhere. We believe in taking risks and challenging the status quo by continuously innovating and improving. Our team is made up of passionate brand ambassadors, and we know that together, we go far.
Headquartered in New York City, with offices, warehouses and retail showrooms in the US, UK and Canada, Peloton is changing the way people get fit. Peloton has been named to many prestigious industry lists, including Fast Company's Most Innovative Companies, CNBC's Disruptor 50, Crain's New York Business' Tech25 and Fast50, as well as TIME's Genius Companies. Visit www.onepeloton.com/careers to learn more about joining our team.