This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Geotab - Atlanta, GA
posted 19 days ago
Full-time - Mid Level
Remote - Atlanta, GA
Professional, Scientific, and Technical Services
About the position
Geotab is seeking a Product Security Specialist to enhance the security of existing and new products through comprehensive code reviews and security assessments. This role involves validating scanner findings, providing remediation suggestions, and collaborating with both technical and non-technical stakeholders. The ideal candidate will possess strong communication skills and the ability to manage multiple projects in a fast-paced environment.
Responsibilities
- Review existing/new/proposed products with various source code and security-based architecture reviews.
- Manually validate scanner findings by tracing source code across multiple code bases and provide developer-level suggestions for remediation.
- Explain risk assessments to both technical and non-technical stakeholders.
- Write and maintain scripts/code to automate security scanner execution and integrate scanners with CI pipelines.
- Update scanning scripts and refactor as needed.
- Contribute to secure coding standards and develop training for developers.
- Perform technical writing of assessment reports and vulnerability descriptions for product owners and developers.
- Identify coverage gaps in security assessments and make recommendations to address them.
- Prioritize work that benefits the team and escalate issues in a timely manner.
- Support Geotab's global strategic initiatives.
Requirements
- 3-5+ years of experience with security evaluation/analysis and security code reviews or relevant development experience.
- Bachelor's degree in Computer Science, Information Management, Engineering or a related field.
- Security certifications highly preferred (OSCP, OSWA, OSWE).
- Experience using source code, dynamic and dependency scanners (e.g., Veracode, Fortify, Sentinel, OWASP Dependency, NetSparker, Qualys).
- Knowledge of programming languages and web service technologies.
- Competent with Linux, Windows, GCE, bash, and python.
Nice-to-haves
- Experience with cloud-based applications and collaboration tools.
- Familiarity with Google Cloud storage and reporting mechanisms.
Benefits
- Flex working arrangements
- Home office reimbursement program
- Baby bonus & parental leave top up program
- Online learning and networking opportunities
- Electric vehicle purchase incentive program
- Competitive medical and dental benefits
- Retirement savings program
