Sr Product Security Engineer - Application Security

Medallia is the global leader in Customer Experience Management. Our mission is to create a world where companies are loved by their customers; where organizations see you as a person and not just their next sale. We do this by building a bridge between hundreds of companies and billions of customers, around the world, enabling access to your eyes, ears, and hearts, so they may design and deliver extraordinary experiences, every single day.

We at Medallia feel very strongly about protecting our clients’ information, and are looking for like-minded engineers to solve complex security challenges while enabling the rapid growth of the business globally. This Product Security role is a key role to building security into the development lifecycle of our product portfolio, and offers tremendous growth opportunities at a security conscious company on a high growth trajectory.

Some of the biggest names in Global 2000 organizations rely on Medallia to drive business innovation and customer experience. As Medallia becomes a trusted partner to organizations across the globe and spanning several industry verticals, it is more important than ever that we continue to stay a step ahead in securing our applications, services and data. The Senior Product Security Engineer role will work closely with our global engineering teams and ensure that we build secure and robust software in the world of DevOps and Agile. We are looking for a candidate who is passionate about security, has a strong technical background and loves creating innovative solutions to challenging problems.

Responsibilities

  • Perform application security assessments including architecture review, threat modeling, code review and penetration testing, on both web (Java) and mobile (iOS, Android, and React Native) platforms
  • Assist and enable engineering teams to adopt secure development practices
  • Provide software security advice to cross-functional teams including product, engineering, and services
  • Work closely with engineering and product teams to drive security issues to resolution
  • Develop software security guidance including training material, best practices, secure coding checklists, reuseable code, etc.
  • Automate security testing at scale by building and implementing static and dynamic analysis tools, integrating security into the software development lifecycle
  • Employ knowledge and deep understanding of threat landscape, SaaS industry, and customer feedback to drive the pipeline of impactful security features

Minimum Qualifications

  • 3-5 (5+ preferred) years’ experience with software security assessments and remediation in Java
  • Drive to take ownership of projects and drive resolution without close supervision
  • Strong skills in at least two of the following areas: architecture review/threat modeling, penetration testing, and static code analysis automation
  • Hands-on experience with tools and technologies used throughout secure SDLC (e.g., Checkmarx, Fortify SCA, Coverity, AppScan Standard/Enterprise, WebInspect, Burp Suite)
  • Independent problem solving capabilities and excellent communication skills

Preferred Qualifications

  • Knowledge of OSS scanning tools like Black Duck, SRC:CLR, Codenomicon AppCheck a plus
  • Knowledge of mobile development frameworks a plus (e.g., iOS, Android, React Native, Redux)
  • Knowledge of popular web development frameworks a plus (AngularJS, React, Redux, Velocity, StringTemplate, jQuery, Jackson, THRIFT, etc.)
  • Proficiency with Python, Ruby, or other scripting languages a plus
  • Knowledge of microservices architecture and containers a plus

At Medallia, we don’t just accept difference - we celebrate it and recognize the value it brings to our customers and employees. Medallia is proud to be an equal opportunity workplace and is an affirmative action employer. Equal opportunity and consideration are afforded to all qualified applicants and employees. We won't unlawfully discriminate on the basis of gender identity or expression, race, ethnicity, religion, national origin, age, sex, marital status, physical or mental disability, Veteran status, sexual orientation, and any other category protected by law.
Medallia is committed to working with and providing reasonable accommodation to applicants with disabilities in accordance with the American Disabilities Act and state disability laws.

Meet Some of Medallia's Employees

Natalie N.

Sales Development Representative

Natalie works on the Inside Sales Team to find new customers interested in partnering with Medallia. She helps these partners improve customer experience at their respective companies.

Shwetha S.

Senior Manager, Implementations

Shwetha works with a portfolio of Medallia clients to design and implement the best customer experience programs. She works to maximize client results and make a real change in their customer experiences.


Back to top