Senior Product Security Engineer

Senior Product Security Engineer

Toast creates technology to help restaurants and local businesses succeed in a digital world, helping business owners operate, increase sales, engage customers, and keep employees happy.

SEAR at Toast

SEAR at Toast focuses on two things: actionable intelligence collection, analysis, and delivery to engineers, and hunting the adversaries who would damage and defraud Toast, its customers, and its partners. We bake security into every layer of our products, from the first sprinkle of an idea to the final serving of a fully-baked solution. Our team is tasked with searching out and degrading the operations of persistent, motivated attackers. Like master chefs, we blend cutting-edge technology with strategic thinking, implementing bespoke and industry-standard solutions for intelligence processing at scale. By joining SEAR, you'll be part of the kitchen crew that keeps our customers' trust from going stale. You'll tackle complex challenges that have real-world impact, helping to serve up a safer, more secure digital experience for businesses that count on Toast every day. It's not just about pattern-matching – it's about crafting a recipe for digital trust that keeps our customers coming back for more.

A day in the life (Responsibilities)

• Select, implement, design, and build services and tools to manage and deliver security intelligence across Toast platforms.
• Identify, triage, and provide remediation guidance for application vulnerabilities, with a specific focus on anti-abuse activities.
• Improve developer tooling and adoption to build a more robust SSDLC which integrates security and anti-abuse features.
• Practice a #OneTeam attitude to help other Toast teams make informed, security-conscious decisions when building new public-facing software.
• Assist incident response teams with application security expertise and tools, especially related to abuse and fraud.
• Build threat models on Toast applications and use cases.
• Guide in the design and maintenance of robust and resilient network and application architecture.
• Collaborate to improve information gathering and sharing across all Toast products.
• Leverage cutting edge AI tools to enhance your development workflow, improve velocity, and help pioneer new approaches to building - contributing to a culture of innovation and productivity across the team.

What you'll need to thrive (Requirements)

• Minimum 5+ years of experience in application security and security engineering.
• Experience building and maintaining scaled Java web service