Product Security Engineer - Federal

📋 Description

• • As a Product Security Engineer focused on Federal accounts, you will play a pivotal role in safeguarding Ping Identity's cutting-edge identity platform. This position offers a unique opportunity to gain invaluable experience within a visionary cybersecurity company, contributing directly to the security and seamlessness of digital experiences for users worldwide. You will be instrumental in ensuring the integrity and robustness of our products, addressing complex technical and organizational challenges within a dynamic, distributed, and Infrastructure-as-Code development environment. Your expertise will be crucial in maintaining the highest security standards and fostering trust with our Federal clients.
• • In this role, your day-to-day responsibilities will be diverse and impactful. You will collaborate closely with global, high-performance product engineering teams to propose, develop, and continuously improve our Secure Software Development Lifecycle (SSDLC) practices. A significant part of your work will involve partnering with product teams to conduct thorough security design and code reviews, perform comprehensive vulnerability assessments, and manage identified risks within an agile development framework. You will be actively involved in application security tasks such as threat modeling, detailed developer code reviews, providing expert security consulting, utilizing static code analysis (SAST) and dynamic runtime fuzzing techniques, building custom security tools, and driving automation efforts. Furthermore, you will contribute to exploit development to better understand and defend against potential threats. A key aspect of this role involves supporting our Federal presales, customer support, and customer success teams by expertly responding to prospect, customer, and field inquiries concerning product and industry-specific security matters. You will also engage with third-party security consultants to facilitate independent security assessments, manage bug bounty programs, and oversee penetration testing of our products, ensuring a multi-layered approach to security validation.
• • You will be joining a forward-thinking company that is a leader in intelligent, cloud identity solutions. Ping Identity empowers businesses and individuals to interact securely and seamlessly in the digital realm. Our culture is built on the principle of 'digital freedom,' inspiring innovation and collaboration. We champion individuality and respect differences, encouraging employees to bring their authentic selves to work. Headquartered in Denver, Colorado, with a global presence, we serve some of the world's largest enterprises, including over half of the Fortune 100. This role is integral to our mission of changing how businesses and people perceive cybersecurity, digital experiences, and identity and access management.
• • This position offers significant opportunities for professional growth and learning. You will deepen your expertise in application security, gain hands-on experience with a wide array of SSDLC security tooling, and become proficient in modern authentication and identity standards. You will have the chance to refine your skills in code review, vulnerability assessment, and threat modeling within a challenging, cloud-native environment. By working with cutting-edge technologies and collaborating with talented engineering teams, you will enhance your understanding of secure development practices and contribute to the security posture of enterprise-grade software. Successfully navigating the complexities of security for Federal accounts will provide a unique and highly valuable skill set, opening doors to advanced career opportunities in the cybersecurity domain.
• • The role demands a proactive approach to security, ensuring that Ping's identity platform remains at the forefront of protection against evolving threats. You will be a key contributor to the security assurance of our revenue-generating products, directly impacting customer trust and product integrity. Your work will involve staying abreast of the latest security best practices and emerging threats, translating this knowledge into actionable improvements within the development process. This is an opportunity to make a tangible difference in a critical area of technology, contributing to the secure digital interactions of millions of users. The ability to effectively communicate complex security concepts to both technical and non-technical stakeholders will be a crucial skill developed and honed in this role. You will also gain exposure to compliance requirements within regulated environments, further broadening your professional capabilities and marketability in the cybersecurity field. The collaborative nature of the role ensures continuous learning from peers and cross-functional teams, fostering a dynamic and engaging work environment where security is a shared responsibility and a core tenet of product development. Your contributions will directly influence the security roadmap and practices of Ping Identity, solidifying your impact within the organization and the broader industry.