Pioneer of the Connected Operations Cloud

Senior Security Engineer – Threat Modeling

Security EngineerSecurity EngineerFull TimeRemoteTeam 1,001-5,000Since 2015H1B SponsorCompany Site LinkedIn

Location

California + 2 more

Posted

51 days ago

Salary

$157.7K - $238.5K / year

Bachelor Degree6 yrs expExperience acceptedEnglishAWSPythonSDLC

Job Description

• Lead and own ongoing operation and maintenance of Samsara’s threat modeling program, ensuring consistent execution of processes • Assist in detecting, raising risks found within the Samsara ecosystem, and recommending best next steps while balancing business needs • Work closely with the Vulnerability Technical Program Manager to generate and distribute monthly and quarterly compliance reports • Collaborate with engineering teams to track and support the remediation of identified vulnerabilities, providing guidance on best practices • Participate in security incident investigations related to high-profile vulnerabilities, helping gather data and assess potential impact on Samsara infrastructure • Contribute to documentation and process improvements to streamline risk management workflows • Champion Samsara’s cultural principles in daily work • Be regularly on call to support

Job Requirements

6+ years of relevant experience with demonstrated impact for application or product security and threat modeling in an enterprise environment
Deep familiarity with OWASP Top Ten, the STRIDE threat modeling framework (or equal such as PASTA or DREAD), MITRE ATT&CK
Defining and driving SDLC adoption with business focused engineers
Experience managing Bug Bounty programs such as Bug Crowd
Strong familiarity with common security vulnerabilities and the ability to judge their severity and impact on the business
Experience coding with Python or GoLang
Security certifications such as CISSP, AWS Certified Security Specialty, or equal
Experience and knowledge of FedRAMP and other regulatory security requirements
Experience with Semgrep or Wiz