- Assess the current state of Product Security and help evolve a scalable, developer-focused Security Development Lifecycle (SDLC)
- Select and/or design and build security tools to be integrated within the CICD pipeline
- Perform reviews ranging from architectural design to threat modeling, providing actionable recommendations to make Nitro's products and services more secure
- Collaborate closely with engineering on the implementation of security best practices in essential systems across the company
- Triage and respond to vulnerability reports and potential incidents
- Manage and/or write tools to help identify application security flaws and work with engineering teams to make sure that issues are remediated
- Help coordinate penetration testing of Nitro products and services
- Lead and further develop a Security Champion program
- Be capable of prioritizing security efforts in the broader business context, as well as helping teams understand the prioritization of security mitigation work
- Five + years of experience in the application security space helping to secure complex web, desktop and mobile applications and their architectures (experience with Scala, GoLang and/or C/C++ a plus)
- A history of independently finding security vulnerabilities in applications
- A track record of contributing to projects from design to implementation and through maintenance
- A broad and practical understanding of security fundamentals and their application in real world environments
- Experience with static, dynamic and SCA security tools
- Practical knowledge and experience working in public cloud environments (AWS, Azure, etc.)
- Contributions to the security community (conference talks, Open Source projects, viral memes, etc)
- Successful bug bounty or CTF experience
- Experience with GitHub actions, Dependabot, Datadog, argocd and Kubernetes
- Infrastructure as Code experience
- Be Good - Nitronauts are good humans with big hearts that are respectful and supportive of each other. We celebrate individuality and diversity and strive to foster an environment where people can be themselves and do their best work.
- Performance First - We like to challenge ourselves. We're passionate about exceeding expectations and stepping outside our comfort zones to get to the next level. It's our ambition that pushes us to work hard and deliver strong results.
- No B.S. - This one is self-explanatory, but we're all about transparency, honesty, and authenticity here. We don't beat around the bush; we tell it like it is.
Company
Location
Lisbon - Portugal
Job type
Full-Time
Golang Job Details
About Us:
Nitro is a global document productivity company accelerating digital transformation in a world that demands the ability to work from anywhere, anytime, on any device. As a global player in the eSign and workflow productivity market, Nitro enables organisations to drive better business outcomes through 100% digital document processes and fast, efficient workflows. The Nitro Productivity Platform offers comprehensive SaaS business solutions, including highly secure eSigning and e-ID, powerful PDF productivity and industry-leading analytics, all supported by a superior customer success team. Nitro has over 3 million licensed users and 13,000+ Business Customers in more than 150 countries, including over 68% of the Fortune 500 and three of the Fortune 10. Nitro is headquartered in San Francisco with nine global hubs.
Why Nitro Engineering:
Engineering is a critical function at Nitro, developing the products and services at the heart and soul of our business today, and helping us realize our vision of smarter documents in the future. We have an incredibly talented and diverse Engineering team that cares, with a strong culture that believes in building the right things and building them the right way.
The Role: At Nitro we are looking to hire a Senior Security Engineer to join us to help build, lead and champion our Application Security Program and participate in the continued evolution of our overall Security strategy.
We are looking for a motivated, self-sufficient and talented Security Engineer who can help build out a nascent shift-left Product Security initiative. We are looking for an engineer who strives to continuously iterate, improve and learn. The Security team at Nitro focuses on partnering with development groups throughout the company to create and deliver applications and services that are secure. Our work includes audits such as code reviews, threat models and penetration testing assessments. We also build partnerships with engineering teams in defining security-related requirements and providing input on design proposals. This role will also manage tools and create practices which will allow us to scale our work to cover a diverse and complex set of code bases across the broader organization.
What you'll be doing:
What we're looking for:
What would be awesome to also have:
Please note, this role can be hired remotely in Ireland and some other European countries.
How We Work:
Our mission is to help create, develop, and support an environment where great people come to do their best work. We believe there is a balance to strike between "work hard, play hard," and we strive to improve in both areas every day.
We put our customers, employees, and communities at the center of everything we do. It all comes back to our core values:
Why Nitro?
Our goal is to empower our Nitronauts—to make an impact, work better together, and believe any goal is attainable. We take pride in the perks and benefits provided to employees that make their day-to-day lives more enjoyable and secure. Along with our regular benefits and programs (including health, dental, vision, retirement as standard), we are also very proud to offer a few additional initiatives to future Nitronauts:
Flex Time Off
Work-life balance is important at Nitro, and we understand that there are events that we cannot plan for. We are proud to offer Flex Time Off to be used for holidays, spending days with your family, or appointments.
Flexible Forever
We will offer a flexible work environment forever. This hybrid approach allows our team the flexibility to work remotely and have access to in-person time for collaboration sessions and team offsites.
90 Days Away
We offer the opportunity for employees to travel and explore while working from anywhere. Employees can extend vacations and spend more time with family, and work from anywhere for up to 90 days.
Nitro Resource Groups
Nitro supports our diverse group of Nitronauts who come together to celebrate their passions, share their unique perspectives, experiences, and contributions to make Nitro a more inclusive place to work.
Families @ Nitro
We have the opportunity and responsibility to ensure the well-being of our employees, which includes offering support when and where it matters most. From generous leave to fertility benefits, Nitro supports team members who may be on or considering a path to parenthood, whatever that looks like.
We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. Nitro provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. #LI-Remote #LI-DK1 #gonitro
More Developer Job Boards
Fullstack Developer Jobs Golang Jobs JavaScript Jobs Python Jobs React Jobs Rust Jobs Java Jobs