Wayfair
Wayfair is the destination for all things home: helping everyone, anywhere create their feeling of home$1. .$1
E-Commerce • Technology • Online Retail • Internet Marketing • Software Engineering
14172 - 14172
Senior Product Security Engineer
September 6
🏢 In-office - Toronto
Wayfair
Wayfair is the destination for all things home: helping everyone, anywhere create their feeling of home$1. .$1
E-Commerce • Technology • Online Retail • Internet Marketing • Software Engineering
14172 - 14172
Description
• Lead enterprise wide security initiatives by working closely with development teams • Strategize and collaborate with security development to build security solutions that can be used across the enterprise using Python and Java • Be the trusted security SME for the Org and liaise with development and product teams to develop & deploy secure products and features for customers, suppliers, partners, and employees • Implement ‘Sec’ in DevSecOps model of operations • Conduct risk analysis, threat modeling and penetration testing of highly complex services to build secure products from ground up • Keep development teams up-to-date with secure coding practices by providing them training and the latest trends in secure development • Build runbooks and knowledge base to assist developers with secure development • Coordinate with and manage external hackers as part of Wayfair’s Bug Bounty Program • Maintain, tune, and own the web application firewall (WAF)
Requirements
• Minimum of 5 years of experience in secure application development or application security • Experience with secure application development or Secure SDLC • Hands-on scripting experience in Python • Experience securing k8s, REST and GraphQL services with deep understanding of securing micro service architectures • Experience securing any of these cloud services platforms - GCP (Preferred), AWS, Azure • Understanding of Authentication mechanisms such as SAML, JWT, OAuth etc. • Understanding of build and release management, CI/CD platforms • Cloud Security Certifications is a plus • We would love to see experience with WAF, Bug Bounty Program and Open source security tools
Benefits
• Paid Holidays • Paid Time Off (PTO) • Paid Sick Days • Health & Dental Benefits • Life Insurance • Disability Protection (Short Term & Long Term Disability) • Global Wellbeing: Gym/Fitness discounts (including Peloton, Global ClassPass,) • Mental Health Support (Global Mental Health, Global Wayhealthy Recordings) • Caregiver Services • RRSP (Registered Retirement Savings Plan) • Tuition Reimbursement • Parental Leave Top-Up Program • Global Surrogacy & Adoption Policy • Rewards & Recognition • Global Employee Anniversary Awards • Paid Volunteer Work • Employee Discount • Global Pod Outings • Emphasizing a supportive & flexible work environment that encourages a balance between personal and professional commitments
Apply Now
