Senior Product Security Engineer

Come on board with Neo Group! Here's your chance to stir things up in the scene with us. We're not just expanding; we're revolutionizing the entire game, mastering profitability with every new venture. But you know what truly fuels our drive? It's people like you.

Neo Group is on the lookout for a Senior Product Security Engineer to join our Engineering Team.

Responsibilities:

• Provide expert security guidance throughout all phases of the Software Development Life Cycle (SDLC) to product development teams and business leaders.
• Lead secure SDLC initiatives, including reviewing system architectures, supporting automated security tools, and conducting threat modeling and penetration testing.
• Manage the Vulnerability Management process: identify, triage, and oversee the resolution of security vulnerabilities.
• Design, build, automate, and maintain a suite of internal security tools to support ongoing security operations.
• Perform technical security reviews and analyses of proposed technical solutions to determine security impact and recommend security controls.
• Conduct independent internal reviews of security controls and information systems to ensure compliance with established policies and best practices.
• Provide clear and detailed overviews of the audit process, executing cybersecurity audits across various company departments.
• Write comprehensive reports for stakeholders, explaining security processes and recommendations in accessible language.
• Develop and monitor key security metrics to assess the effectiveness of security measures implemented.

• Proven experience in conducting penetration testing and scoping security tests for various services.
• Hands-on experience facilitating threat modeling sessions with engineering and product teams.
• Knowledge of selecting, implementing, and maintaining advanced security products and services.
• Proficiency in automation scripting with popular languages such as Python, PowerShell, Ruby, or similar.
• Solid understanding of cryptography, authentication, and authorization protocols.
• Experience in managing security incidents, including developing incident response strategies, conducting post-mortem analysis, and implementing preventative measures.
• Strong collaboration and communication skills, capable of explaining complex security issues to non-technical stakeholders.
• Commitment to continuous professional development in the cybersecurity field.

Desirable Skills:

• Problem-solving aptitude and ability to adapt to rapidly changing technology landscapes.
• Team-oriented mindset with strong interpersonal skills to foster collaboration across various departments.
• Familiarity with key security standards and regulatory requirements (e.g., ISO 27001, NIST frameworks, GDPR, HIPAA) relevant to the industry.

• Recharge your batteries with 20 paid working vacation days annually to explore, relax, and rejuvenate.
• Kick off your birthday month with a bang! Not only do you get heartfelt birthday wishes from your team, but you also enjoy a fully-paid day off. 
• Prioritize your health with compensation for wellness activities. 
• Experience an international work environment with a passionate, motivated, and professional team.
• Foster camaraderie and celebrate achievements through engaging in corporate events throughout the year.