Docker Jobs in Web3

WHO WE ARE: Zinnia is the leading technology platform for accelerating life and annuities growth. With innovative enterprise solutions and data insights, Zinnia simplifies the experience of buying, selling, and administering insurance products. All of which enables more people to protect their financial futures. Our success is driven by a commitment to three core values: be bold, team up, deliver value – and that we do. Zinnia has over $180 billion in assets under administration, serves 100+ carrier clients, 2500 distributors and partners, and over 2 million policyholders.WHO YOU ARE As a Senior Product Security Engineer, you will leverage your development, security and architecture experience to work alongside product and engineering to design secure software solutions, mitigate risks and enable security controls to protect assets. You will be responsible for analyzing systems, identifying security vulnerabilities, advocating for security across engineering teams and leadership, and influencing product design and architecture. You’ll build partnerships with our Software Engineering and Product teams to ensure Zinnia is doing all we can to protect the company’s and our customers’ data.  As a trusted advisor, you will partner with business, engineering and product stakeholders and enable them. You will be able to coach, mentor, educate, advise on software design and architecture, implement/configure/monitor security tools, and help drive an appreciation for security. If you like to automate and shift security left, manage risk, and further enable business, then this role is for you. WHAT YOU’LL DO :

Collaborate and build relationships with the product and engineering teams Identify risks across all applications, and assist to mitigate these risks Assist in the development of a scalable threat modeling program (and conduct them as well!) for our applications, including the training of engineering teams to do the same. Review source code for potential security vulnerabilities and provide remediation guidance to engineers Develop, deploy and maintain various code and application security tools (such as SAST/DAST etc.) and their SOPs Develop, evaluate, and respond to alerts and events from the security tools Adopt automation to shift security to the left and make it scalable Triage, escalate, and offer remediation for the vulnerabilities found after risk assessment Be able to assist in occasional (but not normally expected) after hours security investigations when needed Be a humble mentor for our talented team members

WHAT YOU’LL NEED:

9+ years of experience in an application security engineering or other similar role Extensive hands-on experience in performing manual and tool-assisted code reviews Extensive hands-on experience in integrating secure development practices into SDLC Extensive hands-on experience in integrating security tools in CI/CD pipelines Experience in Typescript, Python, Go or another programming language Experience in the development of security products or DevSecOps infrastructure Demonstrable knowledge of OWASP Top 10 and attack vectors Foundational understanding of container security and orchestration (Kubernetes, Docker) Familiarity with deployment automation tools such as Terraform, Helm, Atlantis, and BuildKite Familiarity with threat modeling Strong written and verbal communication skills Desire to build an application security program and coach junior engineers

WHAT’S IN IT FOR YOU? At Zinnia, you collaborate with smart, creative professionals who are dedicated to delivering cutting-edge technologies, deeper data insights, and enhanced services to transform how insurance is done. Visit our website at www.zinnia.com for more information. Apply by completing the online application on the careers section of our website. We are an Equal Opportunity employer committed to a diverse workforce. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability  

LI-SC1