Part commercial enterprise, part revolutionary movement, Einride leads the transition to a zero-emission transportation system, based on autonomous, all-electric vehicles, coordinated by an intelligent routing software — making the journey from A to B as efficient as possible.
As a Product Security Engineer at Einride, you'll be joining a top talent team of ambitious, fast moving, kind-hearted people who challenge conventional thinking and think big.
Job description:
- Provide tooling that supports engineering teams in:
writing secure code and integrate it in the teams’ CI/CD pipelines
preventing cloud security misconfigurations from reaching production
- Establish best practices for a “golden path” when it comes to building:
secure software development (e.g., linting, detecting secrets, enforcing the 4-eye principle, building security test cases, etc)
Secure infrastructure (e.g., hardened base images, secret management, certificate management, network security hardening, etc)
Give practical guidance and support to development teams with a modern twist in traditional InfoSec areas such as secret management, certificate management, log management, network monitoring, patch management, etc
Lead threat modeling workshops and architecture reviews with development teams
Work with development teams on security critical software components (e.g., authentication, authorization, etc)
Eat your own dog food, while doing all (or most) of the above; i.e., follow the security practices you are preaching to others when building security products
Requirements:
Working experience in similar roles (e.g., appsec or cloud security engineer)
Working experience in public cloud infrastructure (e.g., GCP, AWS, Azure) and container technologies
Programming experience (scripting might be sufficient, depending on your profile)
Experience with at least a couple of the tools and processes in a S-SDLC (e.g., secure coding training, bug bounty programs, web app pentesting, threat modeling, security requirements engineering)
Knowledge in securing and monitoring IoT environments is a significant plus
This position is based in Stockholm or Gothenburg. We recommend you submit your application as soon as possible as selection and interviews are held continually.