Gong transforms revenue organizations by harnessing customer interactions to increase business efficiency, improve decision-making and accelerate revenue growth. The Revenue Intelligence Platform uses proprietary artificial intelligence technology to enable teams to capture, understand and act on all customer interactions in a single, integrated platform. More than 4,000 companies around the world rely on Gong to support their go-to-market strategies and grow revenue efficiently. For more information, visit www.gong.io.
As a Sr. Product Security Engineer, you'll play a pivotal role in leading product security initiatives, ensuring robust protection against potential vulnerabilities, and shaping secure coding practices across the organization. Your expertise will drive the security of our products to new heights.
RESPONSIBILITIES
- Cross-Functional Leadership: Lead cross-functional team activities, integrating advanced security best practices throughout the product development lifecycle.
- Security Assessments: Conduct and oversee regular security assessments, including in-depth code reviews, threat modeling, and vulnerability assessments, to identify and mitigate security weaknesses.
- Security Controls: Develop, implement, and automate sophisticated security controls and mechanisms to protect against unauthorized access, data breaches, and other security threats.
- Secure Architecture: Architect and design secure software and infrastructure components, ensuring scalability, reliability, and robustness.
- Cloud Security: Implement and manage cloud security measures, ensuring the security of our cloud infrastructure and services.
- Security Tools Utilization: Utilize security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST) to identify and address security vulnerabilities.
- Mentorship: Mentor and guide developers and DevOps teams, fostering a culture of security awareness and continuous improvement.
- Stay Updated: Stay updated with the latest security trends, threats, and technologies, and proactively implement improvements to our security posture.
- Collaboration: Collaborate with other security teams to address vulnerabilities and enhance our security protocols.
QUALIFICATIONS
- 5+ years of experience in Information Security.
- Extensive experience and deep understanding of software development fundamentals and secure coding principles.
- Proficiency in identifying and mitigating common and advanced security vulnerabilities and attack vectors, including an in-depth understanding of the OWASP Top 10.
- Significant experience developing and securing web applications using technologies such as Java, JavaScript, Python, TypeScript, and React.
- Strong expertise in cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
- Proficiency with version control systems and CI/CD tools such as GitHub, GitLab, Jenkins, and others.
- Experience with security tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Interactive Application Security Testing (IAST).
- Strong analytical and problem-solving skills with the ability to think critically and strategically.
- Excellent communication and collaboration skills with the ability to influence and drive security initiatives across the organization.
- Experience mentoring and guiding junior engineers, developers, and DevOps teams in security practices.
PERKS & BENEFITS
- Education & learning stipend to support your personal growth and development.
- Annual Leave / Paid Parental leave to support you and your family.
- Company-wide recharge days each quarter.
- Work from home allowance to help you succeed in a remote environment.
WHAT MAKES SECURITY AT GONG UNIQUE?
Here, at Gong, we trust and empower our employees with ownership to solve complex problems, make the right decisions and build the best products that create radical impact. We call it “Own. Solve. Impact.”
Our security team is at the forefront of a monumental shift in how we implement processes. Instead of simply saying "no," we embrace the mindset of "let's explore how we can make it work." Our security team brings a wealth of backgrounds, experience, and wisdom to the table. Which means that age comes before security, or is it the other way around?
If you are curious to discover Gong's wonderful and challenging world, what are you waiting for? Don’t delay - fill in your application details. Who knows, maybe there’s a Gongster in you!