Product Security Engineer

About the role:

As a Product Security engineer at Sigma, you will play a crucial role in ensuring the security of our data analytics products. In this role, you'll have the opportunity to see the big picture and engage in activities that span offensive security testing and architecture review, collaborating closely with product and engineering teams to build secure and resilient solutions.This is a hands-on role that demands understanding of attack vectors, a proactive approach to finding vulnerabilities, and the ability to work strategically to influence security architecture and design. Your primary goal will be to identify and mitigate security risks, establish robust security practices, and ensure compliance with relevant security standards and regulations. You will be encouraged to write blogs, speak and join security events to talk about the work you are doing and how other companies can utilize it to better analyze their security data. 

You will:

• Conduct offensive security activities including red teaming,  blackbox penetration testing, and vulnerability research and improve defensive blue team capabilities.
• Perform comprehensive penetration testing on SaaS applications, and cloud infrastructure.
• Collaborate with Engineering and Product teams to integrate security best practices into the software development lifecycle (SDLC). 
• Perform threat modeling / data flow diagramming / design risk analysis/ security assessments, code reviews in partnership with business partners, providing guidance that balances security requirements with functional requirements.
• You'll have the freedom to not only think like an attacker but also shape the security architecture to preemptively thwart those attacks.
• Work on incident response efforts related to product security incidents and breaches.
• Communicating and collaborating with partner teams, service owners, Information Security, and senior leadership to influence, prioritize, and drive the resolution of discovered security findings
• Promote and grow culture of security within product engineering teams & design, build and operate uniform scalable security policies and controls for our entire product surface

You are:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
• Proven experience in offensive security roles such as red teaming, penetration testing, or ethical hacking.
• 4+ years of experience in Product security, with a proven track record  in designing, implementing, and managing security programs for cloud-based platforms at Product companies.  
• 2+ years of experience in a penetration testing or similar offensive security role.
• Expertise with secure software development practices, including threat modeling, code review.
• Familiarity with programming languages such as Golang, Rust, Typescript, Python or similar.
• Proficiency in security tools and technologies, such as static and dynamic analysis tools, penetration testing tools, and vulnerability scanners.
• Strong technical background in security architecture, CI/CD enablement, cryptography, network security, and application security.
• Good understanding of cloud computing technologies and security principles, particularly in AWS, Azure, or GCP environments. 
• Relevant Security Certifications like OSCP or similar is a plus.

Additional Job details

The base salary range for this position is $170k - $200k annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Sigma Computing. This role is eligible for stock options, as well as a comprehensive benefits package.

About us:

Sigma is the only cloud analytics and business intelligence tool empowering business teams to break free from the confines of the dashboard, explore data for themselves, and make better, faster decisions. The award-winning software was built to capitalize on the performance power of cloud data warehouses to combine data sources and analyze billions of rows of data instantly via an intuitive, spreadsheet-like interface – no coding required.

Since launching with its unique interface, Sigma Computing has added features such as collaboration tools and embedded analytics capabilities. The most recent product launch included a set of AI tools such as forecasting capabilities, an AI copilot and a notebook interface for users who prefer a code-first environment.

Sigma announced its $200M in Series D financing in May 2024, to continue transforming BI through its innovations in AI infrastructure, data application development, enterprise-wide collaboration, and business user adoption. Spark Capital and Avenir Growth Capital co-led the Series D funding round, with additional participation from a group of past investors including Snowflake Ventures and Sutter Hill Ventures.The Series D funding, raised at a valuation 60% higher than the company’s Series C round three years ago, promises to further accelerate Sigma’s growth.   

Come join us!

Benefits For Our Full-Time Employees:

• Equity
• Generous health benefits
• Flexible time off policy. Take the time off you need!
• Paid bonding time for all new parents
• Traditional and Roth 401k
• Commuter and FSA benefits
• Lunch Program
• Dog friendly office

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.

Note: We have an in-office work environment in both our SF & NYC office.