Principal Product Security Engineer

Job DescriptionWhere you’ll work: Anywhere in Hungary Security at GoToIn today’s world, “work anywhere” means “secure everywhere.” We strive to deliver secure, remote workforce products and services that ensure business assets, customer, and employee data are protected. We build security & privacy by design and default, leveraging the SecDevOps methodology and nurturing a culture that enables security and privacy in everything we do. Security, meet simplicityYour Day to DayAs a Senior Product Security Engineer, you would be working on:Conducting security architecture reviews for new and existing products.Collaborating with engineering teams to implement secure-by-design principles.Performing comprehensive threat modeling and security reviews to identify and mitigate security risks early in the development process.Developing and enforcing secure coding standards and practices.Providing security-focused code reviews for critical components.Monitoring emerging security vulnerabilities and ensure remediation.Working closely with DevOps and engineering teams to integrate security practices.Mentoring junior engineers, promoting a culture of security-first thinking.Ensuring product compliance with relevant standards (e.g., GDPR, ISO 27001, SOC 2).Staying current with security trends, technologies, and best practices.Identifying and implementing new technologies to enhance the security posture of GoTo products.What We’re Looking ForAs a Senior Product Security Engineer, your background will look like:5+ years of professional, hand-on application and/or product security work experience; preferably in a SaaS product company of similar scale and scopeComprehensive understanding of software development lifecycle models as well as secure coding techniquesFamiliarity with CI/CD pipelines and cloud security principles (e.g., AWS, Azure, or GCP or Oracle)Knowledge of techniques, standards, and state of the art capabilities for security automation, (e.g., SAST, DAST, SCA, IAST, EDR, NGFW, WAF)A mix of relevant certifications in key areas would be helpful (but not required): CISSP, CCSP, CSSLP, CISM, CIPP, AWS Certified Security Specialist, Azure Security, AWS Certified Solutions Architect, SANS GIAC, etc. What we offer:Full remote work option within Hungary and on-demand seat in our Astoria officeTime-off benefits such as volunteering days, parental and pet leavePrivate health insurance, life insurance, and eye careAdoption, Tuition, and Reading Reimbursement, English CourseEmployee Resource Groups and GoTo Gives CSR program – a fun and inclusive community... and many more At GoTo, authenticity and inclusive culture are key to our thriving workplace, where diverse perspectives drive innovation and growth. Our team of GoGetters is passionate about learning, exploring, and working together to achieve success while staying committed to delivering exceptional experiences for our customers. We take pride in supporting our employees with comprehensivebenefits, wellness programs, and global opportunities for professional and personal development. By maintaining an inclusive environment, we empower our teams to do their best work, make a meaningful impact, and grow their career. Learn more.