At tombola, security is built in from the start and the Product Security Engineer works closely with development teams to keep products secure
Job Summary
At tombola, security is built in from the start and the Product Security Engineer works closely with development teams to keep products secure.
The role involves external and internal security testing, embedding security into the development lifecycle, and influencing teams to make better security decisions.
tombola offers a hybrid working model with around 3 days a week in the Sunderland office and emphasizes a culture of inclusivity, ownership, and doing things the right way.
Matching Summary
At tombola, security is built in from the start and the Product Security Engineer works closely with development teams to keep products secure.
Skills & Requirements
Must-have
Security testing and vulnerability management
Secure development lifecycle (SDLC) integration
Collaboration with development teams
Experience with security frameworks ISO NIST PCI
Familiarity with cloud platforms and development environments
Automation and scripting skills
Working with third party security vendors
Nice-to-have
Translating technical findings into actionable insights
Confidence with technical and non technical stakeholders
Risk and security mindset
Strong relationship building and influencing skills
Passion for quality and thoroughness
Key Requirements
Experience working in or alongside a security function
Understanding of security frameworks and standards
Experience with secure development lifecycle
Awareness of OWASP Top Ten vulnerabilities
Ability to script or automate tasks
Experience working with third party vendors or penetration testers