Security Lead - Product Security

Glovo

  • Barcelona
  • Permanente
  • Tiempo completo
  • Hace 1 mes
Not your usual app. We are the fastest-growing multi-category app connecting millions of users with businesses, and couriers, offering on-demand services from more than 170,000 local restaurants, grocers and supermarkets, and high street retail stores.We operate in more than 1500 cities across 25 countries.We have a vision: To give everyone easy access to anything in their cities.And this is where your ride starts…YOUR MISSIONGlovo's success and constant growth is increasingly introducing new challenges to the security of our products. For this reason, Glovo is seeking a talented and motivated Security Lead to lead and help drive forward the priorities for the Product Security team, acting as the interface with product engineering and ensuring that the team is focusing on the right challenges and delivering on its commitments, while helping to ensure the security of our product and services by design across the company.Our vision is to build one of the best engineering organizations in continental Europe that is known for its unrivaled ability to create technology that supports Glovo's rapid growth; in an inclusive environment; where we celebrate our differences and work together to give back to the tech community globally.THE JOURNEY
  • Lead Product security team as part of the overall security efforts at Glovo
  • Foster the security by design culture by embedding security throughout the development lifecycle of Glovo products
  • Vendor management - Be the liaison point between the Product Security team and the corresponding different vendors and partners
  • Help shape the backlog, roadmap and vision of the Product Security vertical and ultimately the Security team
  • Support the implementation of automated security checks throughout the CI/CD pipelines (SCA, SAST, DAST, fuzzing, etc.)
  • Coordinate regular internal and external security assessments on new and existing products, such as penetration tests.
  • Help to perform threat modeling, design and code reviews sessions to proactively avoid identify potential vulnerabilities
  • Help to build security libraries and tools both for the Security Team and for other teams
  • Maintain the vulnerability management process, ensuring that security risks are correctly addressed.
  • Support Security team in fostering security culture and designing awareness campaigns
WHAT YOU WILL BRING TO THE RIDE
  • 7+ years of experience in product security or a similar position
  • Proven industry experience as an Engineer Manager
  • Ability to explain complex security issues and their impact to diverse audiences
  • Experience with security vulnerabilities described in OWASP Top 10 / SANS 25 and CWE classification.
  • Experience with modern web application offensive security assessments such as penetration testing
  • Coding experience (preferable: python, java or golang)
  • Proven problem solving, analytical and investigative skills combined with the ability to develop creative solutions and navigate through ambiguity in a fast-paced, agile environment
  • Excellent written and spoken English communications skills, as well as strong interpersonal and relationship building skills
Nice to have:
  • Previous experience with Bug Bounties, CTFs or similar activities
  • Experience with implementing security across a microservices architecture
  • Experience with technologies such as Docker, Kubernetes and Infrastructure as Code
  • Experience with the AWS environment
Even if it seems you don't meet our musts don't let it stop you, we are all about finding the best talent out there! Skills can be learned, and embracing diversity is invaluable.We believe driven talent deserves:
  • 🌟 An enticing equity plan *if applicable
  • 💪 Top-notch private health insurance to keep you at your peak.
  • 🍔 Monthly Glovo meal benefits so you can test new features in our beta app (and to satisfy your cravings!)
  • 💳 Discounts on transportation, food, and even kindergarten expenses or office-based nursery.
  • 🏊 Discounted gym memberships to keep you energized.
  • 🏖️ The freedom to work from home two days a week, and the opportunity to work from anywhere for up to three weeks a year. .
  • 👪 Enhanced parental leave (*if applicable)
  • 🧠 Online therapy and wellbeing benefits
We'll deliver a non-vanilla culture built on talent, where we work to amplify the impact on millions of people, paving the way forward together.At Glovo, we truly value diversity for the positive impact it brings to our teams, products, and culture. We're dedicated to providing equal opportunities for talent from all backgrounds.Feel free to note your pronouns in your application (e.g., she/her/hers, he/him/his, they/them/theirs, etc).Delve into our culture by taking a peek at our and check out our and !

Glovo