Senior Product Security Engineer
Faire is an online wholesale marketplace built on the belief that the future is local — independent retailers around the globe are doing more revenue than Walmart and Amazon combined. At Faire, we're using the power of tech, data, and machine learning to connect this thriving community of entrepreneurs across the globe. Picture your favorite boutique in town — we help them discover the best products from around the world to sell in their stores. With the right tools and insights, we believe that we can level the playing field so that small businesses everywhere can compete with these big box and e-commerce giants.
By supporting the growth of independent businesses, Faire is driving positive economic impact in local communities, globally. We’re looking for smart, resourceful and passionate people to join us as we power the shop local movement. If you believe in community, come join ours.
About this role
Our engineering team owns the software that makes our marketplace work. We care about good engineering practice and love to write software that is secure, tested, easy to maintain, and can scale to millions of users. We build minimum viable products, deploy to production multiple times per day, A/B test customer-facing changes, listen to the data, and iterate.
As a Senior Product Security Engineer, you will work alongside product and engineering to design secure software solutions for Faire’s web and mobile applications. You will be responsible for analyzing systems, identifying security vulnerabilities, advocating for security across engineering teams and leadership, and influencing product design and architecture.
What you’ll do
- Collaborate with cross-functional teams to identify, assess, and address product security vulnerabilities and risks. Drive initiatives to enhance the overall security posture of our applications and systems.
- Utilize your in-depth knowledge of the OWASP Top 10 to proactively identify potential security issues in our software development lifecycle. Develop and implement mitigation strategies to prevent and remediate OWASP vulnerabilities.
- Leverage your strong software development background, particularly in object-oriented programming (OOP) languages, to review code for security vulnerabilities, design secure software architectures, and contribute to secure coding practices within the organization.
- Utilize your hands-on experience in security automation in a DevSecOps environment to develop and maintain security tooling and frameworks. Automate security testing, vulnerability scanning, and security controls to integrate security seamlessly into the development and deployment pipelines.
- Promote a culture of security awareness and train developers, engineers, and other stakeholders on secure coding practices, security best practices, and emerging threats.
- Proven experience of 5+ years as a Product or Application Security Engineer.
- Deep expertise in the OWASP Top 10 and a thorough understanding of web application security principles and common vulnerabilities.
- Strong hands-on experience in security automation in a DevSecOps environment.
- Proven experience with security testing and vulnerability scanning tools.
- Experience with cloud security, preferably in AWS, and a good understanding of cloud security best practices.
- Excellent analytical and problem-solving skills, with a keen attention to detail.
- Strong communication and collaboration skills, with the ability to work effectively across teams and influence stakeholders.
Faire’s flexible work model aims to meet the needs of our diverse employee community by making work more flexible, connected, and inclusive. Depending on the role and needs of the team, Faire employees have the flexibility to choose how they work–whether that’s mainly in the office, remotely, or a mix of both.
Roles that list only a country in the location are eligible for fully remote work in that country or in- office work at a Faire office in that country, provided employees are located in the registered country/province/state. Roles with only a city location are eligible for in-office or hybrid office work in that city. Our talent team will work with candidates to determine what locations and roles are eligible for each option.
Why you’ll love working at Faire
- We are entrepreneurs: Faire is being built for entrepreneurs, by entrepreneurs. We believe entrepreneurship is a calling and our mission is to empower entrepreneurs to chase their dreams. Every member of our team is an owner of the business and taking part in the founding process.
- We are using technology and data to level the playing field: We are leveraging the power of product innovation and machine learning to connect brands and boutiques from all over the world, building a growing community of more than 350,000 small business owners.
- We build products our customers love: Everything we do is ultimately in the service of helping our customers grow their business because our goal is to grow the pie - not steal a piece from it. Running a small business is hard work, but using Faire makes it easy.
- We are curious and resourceful: Inquisitive by default, we explore every possibility, test every assumption, and develop creative solutions to the challenges at hand. We lead with curiosity and data in our decision making, and reason from a first principles mentality.
Faire was founded in 2017 by a team of early product and engineering leads from Square. We’re backed by some of the top investors in retail and tech including: Y Combinator, Lightspeed Venture Partners, Forerunner Ventures, Khosla Ventures, Sequoia Capital, Founders Fund, and DST Global. We have headquarters in San Francisco and Kitchener-Waterloo, and a global employee presence across offices in Salt Lake City, Atlanta, Toronto, London, New York, LA, and Sao Paulo. To learn more about Faire and our customers, you can read more on our blog.
Faire provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity or gender expression.
Faire is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, please fill out our Accommodation Request Form (https://bit.ly/faire-form)