• Deep understanding of web application security and secure development practices
• Deep understanding with common security libraries, security controls, and common security flaws
• Experience building and shipping software fulfilling federal and DoD requirements
• Experience with Threat Modeling applications
• Experience with static/dynamic analysis, and common exploit tools and methods
• Experience in one or more programming languages, ideally Go or Javascript
• Excellent written and verbal communication skills, including prior experience on public speaking engagements or published research
• Demonstrable teamwork skills and resourcefulness

Desirable

• Mattermost is seeking a result-driven and analytical Staff Product Security Engineer to help ensure the security of our product and services across the company
• As part of our Security team you will work closely with a globally distributed team to support in all the different aspects of the software development life cycle
• You will be responsible for the implementation of additional application security tooling and/or processes across the company and coordinate with relevant stakeholders, gather requirements, and lead the implementation
• Support the application vulnerability management and mitigation approaches
• Engage in threat modeling and design reviews of in-house developed software components
• Conduct application security reviews through manual code review or static/dynamic code analysis
• Educate technical teams on DoD security requirements/architecture and support R&D fulfilling federal compliance requirements, e.g. FIPS
• Provide security guidance and training to internal development teams
• Promote the Mattermost brand and build awareness through blog posts and public speaking on security subjects
• Validate ideas and share insights with Product Management/Marketing on product direction and industry trends for security audiences