Text

Senior Product Security Engineer

 Engineering

Senior Product Security Engineer

  • R10803
  • Engineering
  • Bengaluru, Karnataka, India

At Toast, we are committed to creating innovative solutions that enhance security and leverage the power of artificial intelligence to drive restaurant business growth and help them thrive. We are seeking a highly skilled and versatile engineer who specializes in application security to join our dynamic team.

Job Summary:

The Senior Application Security Engineer will be responsible for designing, implementing, and maintaining secure applications and collaborate closely with development teams to embed security best practices throughout the software development lifecycle (SDLC). This role requires a deep understanding of security principles, cloud architecture, and AI technologies to ensure our systems are robust, scalable, and secure.

Key Responsibilities:

Application Security:

  • Conduct security assessments and code reviews to identify and mitigate vulnerabilities in web, mobile applications and APIs.
  • Identify, analyze, and prioritize security risks and vulnerabilities.
  • Implement and manage security protocols and measures to protect applications from threats.
  • Develop and maintain security tools and frameworks to support secure software development.
  • Develop and execute security testing strategies to validate the effectiveness of security controls.
  • Promote and enforce security best practices throughout the SDLC.
  • Provide guidance on secure coding principles, secure design patterns, and cryptographic techniques.

General Security Practices:

  • Stay current with the latest security threats, vulnerabilities, and technology trends.
  • Develop and deliver security training and awareness programs for engineering teams.
  • Work closely with cross-functional teams to embed security best practices throughout the development lifecycle.

Required Skills and Qualifications:

Education:

  • Bachelor’s or Master’s degree in Computer Science, Engineering, Information Security, or a related field.

Experience:

  • Minimum of 5 years of experience in application security domain
  • Proven experience with secure software development practices and tools (e.g., SCA, SAST, DAST).
  • Proven experience with pentesting of web applications, mobile applications (Android and IOS) and APIs (REST and GraphQL)

Technical Skills:

  • Strong programming skills in languages such as Python, Java, Kotlin, C++, or similar.
  • Deep understanding of security principles, cryptography, and secure coding practices.
  • Familiarity with DevSecOps practices and CI/CD pipelines.
  • Knowledge of containerization technologies (e.g., Docker, Kubernetes) and their security implications.
  • Experience with AI security testing tools and techniques.

Soft Skills:

  • Excellent problem-solving and analytical skills.
  • Strong communication and collaboration abilities.
  • Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:

  • Relevant security certifications such as CISSP, CEH, or similar.
  • Knowledge of frameworks such as OWASP, SANS.
  • Knowledge of compliance frameworks such as PCI, ISO, GDPR, or similar.

 

 

We are Toasters

Diversity, Equity, and Inclusion is Baked into our Recipe for Success.

At Toast our employees are our secret ingredient. When they are powered to succeed, Toast succeeds.

The restaurant industry is one of the most diverse industries. We embrace and are excited by this diversity, believing that only through authenticity, inclusivity, high standards of respect and trust, and leading with humility will we be able to achieve our goals.

Baking inclusive principles into our company and diversity into our design provides equitable opportunities for all and enhances our ability to be first in class in all aspects of our industry.

Bready* to make a change? Apply today!

Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com.

Bready* for a change?

Apply now

Other recommended rolls* 

Senior Manager, Model Risk

G & A Bengaluru, Karnataka, India R9450 Bengaluru Karnataka India Bengaluru, Karnataka, India General & Admin G & A : Compliance
Toast is driven by building the all-in-one restaurant platform that helps restaurants operate their business, increase sales, engage guests, and keep employees happy. The Toast Enterprise Risk and Compliance Management Program provides a coordina...

Staff Cloud Engineer

R10517 Remote United States Remote, United States Engineering R & D : Foundations : InfraEng
Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. The Infrastructure Engineering team’s mission is to provide the cloud native inf...

Staff Software Engineer

Bengaluru, Karnataka, India R10038 Bengaluru Karnataka India Bengaluru, Karnataka, India Engineering R & D : Engineering : Enterprise
    Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love.  Are you bready* for a change? Toast is looking for a Staff Software engin...

Apply now

Not You?

We have emailed you a code to verify your identity. Please check your spam/junk folder if you don't receive the email in your inbox.

Thank you

Notice on fraudulent jobs

We have been made aware of instances of fraudulent job postings and/or fraudulent recruiting activity by bad actors, purporting to represent Toast.  These fraudulent schemes often seek monetary contributions or payments from job seekers (such as for "start up costs" or "equipment"), or seek to collect sensitive personal or banking information from job seekers.  These job postings and offers are not authorized by Toast, and Toast is not responsible for fraudulent offers or requests for personal information or payments.  Toast will never ask for any financial commitment or contribution from a candidate at any stage of the recruitment process.  Candidates who have questions about the validity of Toast job postings or offers should consult the job postings on our careers.toasttab.com career site. If you think you've been scammed, reference this site for more info.

Check out other rolls*