Senior Product Security Engineer
Why be a Toaster?
Toast is a rapidly growing startup building the first all-in-one restaurant management software platform. Toast’s Android tablet based system helps restaurants operate more efficiently and connect with their customer base in new and innovative ways. For example, our portable tablets allow waitstaff to enter orders directly to the kitchen, reducing guest wait time and allowing the restaurant to turn over tables faster. This is good for the guest experience and good for the restaurant! We’re growing fast and serve cafes, restaurants, bars and nightclubs in all 50 states. We move fast and thus have lots of opportunities for career growth. If you’re a passionate security engineer looking to grow personally and make an impact, join us!
Toast is looking for a Sr. Product Security Engineer who will work with engineering and product teams to secure Toast's product portfolio; most notably, Toast’s multi-billion dollar payment processing platform. This role is a mix of hands-on development, and providing subject matter expertise to the engineering organization. You should love tackling difficult problems, and you should be excited to learn new things quickly and independently. The Product Security Engineer will be asked to methodically and comprehensively understand the security posture and attack surface of all Toast products, and various development frameworks. It’s crucial that you’re an effective communicator, as you’ll collaborate frequently with engineers to guide them in understanding and addressing security issues. You should have a “breaker” mentality within Toast’s defense-oriented, but offensive-minded engineering organization.
Your responsibilities will include:
- Provide security related mentorship and technical guidance to engineering teams to support cross-product SDLC initiatives
- Design and implement innovative approaches to product security that are compatible with a DevSecOps model
- Review internal code for advanced security issues as part of an agile development process
- Conduct comprehensive security reviews and lead threat modeling for new and existing software products
- Assist development teams with understanding and addressing potential security issues revealed by manual or automated review
- Assist the cloud platform and Android platform teams with development of shared product security libraries and infrastructure
You have some or all of the following qualities:
- 7-8 years of application security experience (source code auditing, penetration testing, product assessments, vulnerability research, reverse engineering, etc)
- 2-3 years of practical software development experience
- Strong familiarity with the Java language and modern web development (e.g. JavaScript, AngularJS, Node.js, etc.).
- Experience using modern security monitoring technologies such as ThreatStack
- Excellent attention to detail, quality, and customer satisfaction
- Strong analytical, organizational, and technical writing skills.
Bonus Points (but not necessary):
- Experience with Android
- Prior exposure to modern CI/CD pipelines
If this sounds like something you want to be a part of and grow your career with, we want to talk to you!
Perks of being a Toaster
- Great opportunity to join a fast-growing company which affords its’ employees mobility and advancement.
- Work on technology that’s making an impact in the industry (and challenging problems to solve as a result!)
- A team of passionate and collaborative co-workers (bring all your friends! referral bonuses).
- A culture of continuous innovation (quarterly company-wide hackathons to help bring this to life).
- An open concept office, complete with beanbag-filled collaboration spaces and Clubs & groups created by our employees, for our employees.
- Diverse events to engage with coworkers in a different setting (Field Day, yoga classes, harbor cruises, beer swaps, Texas Hold ‘Em tournament etc.)
- Location, location, location! In Landmark Center, right off the Green Line and a 5 minute walk from the Yawkey commuter rail stop (commuter benefits included).
The Usual Suspects
- Competitive salaries
- Stock options
- Medical, dental & vision benefits
- PTO (unlimited!)
- Flexible work hours
- Fully stocked kitchen (DIY seltzer, beer on tap, coffee/ lattes, cold brew iced coffee)