6 days ago

Product Security Engineer

Sarafu

On Site
Full Time
$185,500
New York, NY

Job Overview

Job TitleProduct Security Engineer
Job TypeFull Time
CategoryCommerce
Experience5 Years
DegreeMaster
Offered Salary$185,500
LocationNew York, NY

Who's the hiring manager?

Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.

Uncover Hiring Manager

Job Description

About the Product Security Engineer Role at Sarafu (Meta)

Sarafu is seeking a Product Security Engineer to join a team dedicated to revealing potential weaknesses and crafting creative solutions to enhance security. In this role, your expertise will be crucial in safeguarding the security and privacy of over two billion people across Meta's ecosystem, including products like Instagram, WhatsApp, Oculus, and Portal. You will provide essential web, mobile, or native-code security insights to engineering and product teams, influencing key product decisions. This is an opportunity to actively contribute to making the digital world safer.

Responsibilities

  • Security Reviews: Conduct thorough manual design and implementation reviews of products and services within the Meta ecosystem.
  • Developer Guidance: Offer expert guidance and educational support to developers, helping them prevent the introduction of vulnerabilities.
  • Automated Analysis and Secure Frameworks: Collaborate with software engineers to build scalable automation (static and dynamic analysis) and secure frameworks across all Meta products.

Minimum Qualifications

  • BS or MS in Computer Science or a related field, or equivalent practical experience.
  • 5+ years of experience in identifying vulnerabilities within interpreted languages.
  • Demonstrated knowledge of best practices in secure code development.
  • Experience with exploiting common security vulnerabilities.
  • Understanding of common exploit mitigations and their operational mechanisms.
  • Proficiency in coding and scripting with one or more general-purpose programming languages.

Preferred Qualifications

  • Previous experience in product software engineering or product management.
  • Experience in security consulting or leadership-facing security advisory roles.
  • Familiarity with cybersecurity investigations, abuse operations, and/or security incident response.
  • A track record of contributions to the security community, such as public research, blogging, presentations, or bug bounty participation.

Key skills/competency

  • Product Security
  • Vulnerability Assessment
  • Secure Code Development
  • Exploit Mitigation
  • Static Analysis
  • Dynamic Analysis
  • Security Reviews
  • Developer Education
  • Cybersecurity Investigations
  • Programming Languages

Tags:

Product Security Engineer
vulnerability assessment
secure code review
exploit mitigation
security architecture
developer guidance
security automation
incident response
product security
risk assessment
static analysis
interpreted languages
python
javascript
java
c++
web security
mobile security
native security
security tools
application security

Share Job:

How to Get Hired at Sarafu

  • Research Sarafu's mission: Study Sarafu's role in supporting Meta's mission, values, and recent security initiatives.
  • Tailor your resume: Customize your resume to highlight experience in product security, vulnerability analysis, and secure development for Sarafu.
  • Showcase technical depth: Prepare to discuss specific examples of identifying and mitigating vulnerabilities in interpreted languages at Sarafu interviews.
  • Demonstrate problem-solving: Be ready to share instances where you've crafted creative security solutions and guided engineering teams effectively.
  • Understand Meta's ecosystem: Familiarize yourself with security challenges related to large-scale products like Instagram, WhatsApp, and Oculus.

Frequently Asked Questions

Find answers to common questions about this job opportunity

Explore similar opportunities that match your background