Software Product Security Engineer
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Datamaze is seeking a Software Product Security Engineer to embed security practices into the lifecycle of web-based SaaS/AaaS products. You will define security measures, integrate SSO/IAM, manage web security protocols, and conduct threat modeling.
Key Skills for This Role
Responsibilities
- Work with product and engineering teams to design secure architectures for web based applications and integrations
- Assess and implement security measures specific to AaaS and SaaS models, including encryption, data protection, and tenant isolation
- Integrate and secure authentication solutions like Single Sign On (SSO), IAM frameworks, and third party identity providers (e.g., Okta, Azure AD)
- Implement and manage security protocols such as SSL/TLS, and enforce secure practices for web headers like CORS, Content Security Policy, and others
- Identify, prioritize, and remediate security vulnerabilities in the product through manual and automated methods
- Conduct threat modeling and risk assessments for product components and integrations
- Develop secure coding standards and guide engineering teams in adhering to them
- Build and maintain automation scripts for testing security configurations in CI/CD pipelines
- Collaborate with security operations to monitor and respond to security incidents related to the product
- Ensure the product complies with security standards such as SOC 2, ISO 27001, or PCI DSS. Document security policies, practices, and configurations
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or related field (or equivalent experience)
- 3 5 years of experience in application security, software development, or product security engineering
- Strong understanding of security for AaaS and SaaS models, including multi tenancy and data segregation
- Experience with web application security protocols, including SSL/TLS, OAuth, SAML, and OpenID Connect
- Familiarity with IAM and SSO providers like Okta, Azure AD, or similar
- Proficiency in securing web technologies, including handling CORS, CSRF, XSS, and SQL Injection vulnerabilities
- Hands on experience with security tools (e.g., OWASP ZAP, Burp Suite) and DevSecOps integration into CI/CD pipelines
- Strong knowledge of secure coding practices and encryption standards
- Proficiency in scripting or programming languages such as Python, JavaScript, or Java
- Familiarity with cloud environments like AWS, Azure, or Google Cloud and their native security tools
- Proven track record of securing web based products in a SaaS or AaaS environment
- Hands on experience with securing product integrations, including APIs and third party services
Full Job Posting
About The Role
- We are seeking a Software Product Security Engineer to ensure security across the lifecycle of our web based product.
- This role focuses on embedding security practices into the design, development, implementation, and integration phases while addressing the unique challenges of delivering our product as Application as a Service (AaaS) and Software as a Service (SaaS).
- As a key contributor, you will define and implement security measures for the product, including integrations such as Single Sign On (SSO), Identity and Access Management (IAM), and other third party systems.
- You will ensure secure configurations for protocols like SSL, manage web application security headers (e.g., CORS), and evaluate all security aspects of product deployments.
Key Responsibilities
- Security by Design: Work with product and engineering teams to design secure architectures for web based applications and integrations.
- Product Security Evaluation: Assess and implement security measures specific to AaaS and SaaS models, including encryption, data protection, and tenant isolation.
- Single Sign On and IAM: Integrate and secure authentication solutions like Single Sign On (SSO), IAM frameworks, and third party identity providers (e.g., Okta, Azure AD).
- Web Application Security: Implement and manage security protocols such as SSL/TLS, and enforce secure practices for web headers like CORS, Content Security Policy, and others.
- Vulnerability Management: Identify, prioritize, and remediate security vulnerabilities in the product through manual and automated methods.
- Threat Modeling: Conduct threat modeling and risk assessments for product components and integrations.
- Security Best Practices: Develop secure coding standards and guide engineering teams in adhering to them.
- Automation: Build and maintain automation scripts for testing security configurations in CI/CD pipelines.
- Monitoring and Incident Response: Collaborate with security operations to monitor and respond to security incidents related to the product.
- Compliance and Documentation: Ensure the product complies with security standards such as SOC 2, ISO 27001, or PCI DSS. Document security policies, practices, and configurations.
Qualifications
- Education: Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related field (or equivalent experience).
- Technical Skills: Strong understanding of security for AaaS and SaaS models, including multi tenancy and data segregation.
- Experience with web application security protocols, including SSL/TLS, OAuth, SAML, and OpenID Connect.
- Familiarity with IAM and SSO providers like Okta, Azure AD, or similar.
- Proficiency in securing web technologies, including handling CORS, CSRF, XSS, and SQL Injection vulnerabilities.
- Hands on experience with security tools (e.g., OWASP ZAP, Burp Suite) and DevSecOps integration into CI/CD pipelines.
- Strong knowledge of secure coding practices and encryption standards.
- Proficiency in scripting or programming languages such as Python, JavaScript, or Java.
- Familiarity with cloud environments like AWS, Azure, or Google Cloud and their native security tools.
- Experience: 3–5 years of experience in application security, software development, or product security engineering.
- Proven track record of securing web based products in a SaaS or AaaS environment.
- Hands on experience with securing product integrations, including APIs and third party services.
About The Company
- Datamaze is a dynamic company specializing in AI, Data, and Analytics consulting services.
- We are dedicated to transforming businesses by leveraging the power of data and artificial intelligence.
- With a team of industry experts in technology, business strategy, and data science, Datamaze offers a range of services including data strategy development, AI model creation, advanced analytics, and data visualization.
- Our approach is client centric, focusing on creating customized solutions that address unique business challenges and objectives.
- The team, comprising data scientists, AI experts, strategists, and engineers, is committed to continuous learning and innovation.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at DATAMAZE . AI
Sales Consultant
Dubai, UAE
Datamaze is hiring a Sales Representative to identify new business opportunities, build client relationships, and close deals for AI, data, and analytics consulting services. The role requires 2-4 years of B2B sales expe
Associate Sales & Solutions – AI, Data, Analytics & Security
Dubai, UAE
Datamaze is seeking a Sales & Solutions Associate for its AI, Data, Analytics, and Security practice. This entry-level role involves prospecting, client discovery, solution mapping, and pipeline nurturing. Candidates sho
Governance, Risk, and Compliance (GRC) Lead
Dubai, UAE
DATAMAZE . AI seeks a Compliance Lead to ensure products comply with global data protection, privacy laws, and AI/ML regulations. The role requires 3-5 years of compliance experience, knowledge of GDPR, CCPA, HIPAA, and
Product Manager
Dubai, UAE
We are looking for an experienced Software Product Manager to drive the development and success of software products. You will collaborate with cross-functional teams to define and deliver innovative solutions. Requires
Marketing Associate
Dubai, UAE
Datamaze is seeking a Marketing Associate to develop and implement marketing strategies, manage online presence, and analyze campaign effectiveness. The role requires 1-3 years of marketing experience, preferably in a B2
Software Engineer (Mid-Level)
Dubai, UAE
Datamaze is seeking a mid-level Software Engineer to design, develop, and maintain full-stack web applications. You will collaborate with cross-functional teams, mentor junior developers, and work with technologies like
Azure Data Engineer (Mid-Level)
Dubai, UAE
Datamaze is seeking a mid-level Azure Data Engineer to design, build, and optimize data solutions using Microsoft Azure services. You will develop data pipelines, integrate data from diverse sources, and collaborate with
Software Product Testing Engineer
Dubai, UAE
Datamaze is seeking a Software Product Testing Engineer to ensure quality, reliability, and performance of software products. You will design and execute testing strategies, perform manual and automated testing, and coll
Sales Consultant
Dubai, UAE
Associate Sales & Solutions – AI, Data, Analytics & Security
Dubai, UAE
Governance, Risk, and Compliance (GRC) Lead
Dubai, UAE
Product Manager
Dubai, UAE
Marketing Associate
Dubai, UAE
Software Engineer (Mid-Level)
Dubai, UAE
Azure Data Engineer (Mid-Level)
Dubai, UAE
Software Product Testing Engineer
Dubai, UAE