Product Security Engineer

Application and Interview Impersonation Notice:  Impersonating another individual when applying for employment, and/or participating in an interview process to assist another individual in obtaining employment, with Precisely Software Incorporated (“Precisely”) is unlawful.  If Precisely identifies such fraudulent conduct, then as applicable and to the extent permitted by law, the application will be rejected, an offer (if made) will be rescinded, or the employment will be terminated, and legal action may be taken against the impersonators.

Precisely is the leader in data integrity. We empower businesses to make more confident decisions based on trusted data through a unique combination of software, data enrichment products and strategic services. What does this mean to you? For starters, it means joining a company focused on delivering outstanding innovation and support that helps customers increase revenue, lower costs and reduce risk. In fact, Precisely powers better decisions for more than 12,000 global organizations, including 95 of the Fortune 100. Precisely's 2500 employees are unified by four company core values that are central to who we are and how we operate: Openness, Determination, Individuality, and Collaboration. We are committed to career development for our employees and offer opportunities for growth, learning and building community. With a "work from anywhere" culture, we celebrate diversity in a distributed environment with a presence in 30 countries as well as 20 offices in over 5 continents. Learn more about why it's an exciting time to join Precisely!

Precisely is an AI-first organization. All employees are expected to demonstrate proficiency in applying AI tools to accelerate their work, improve output quality, and eliminate low-value tasks. Candidates should be comfortable using generative AI tools (e.g., Microsoft Copilot, ChatGPT) in their day-to-day workflows, able to evaluate AI-generated outputs critically, and open to continuously adopting new AI capabilities as they emerge.

Overview:

You will join our global product security team and help us build safer products. You will test our products, find risks, and work with others to fix them. We work across many products, so you will learn about different systems and how they are used. You will work closely with engineering and product teams, and they will rely on your guidance. You will help find hard-to-spot problems and support better security in product design and development. We want someone who shares what they know, keeps learning, and helps us strengthen how we work.

What you will do:

• You will perform security testing across our products to identify risks in web applications, application programming interfaces, containers, cloud environments, and AI-enabled features.
• You will partner with engineering and product teams so we have a clear understanding of security findings, risk, and remediation priorities.
• You will validate vulnerabilities through manual testing and security tools, helping us focus on the issues that matter most.
• You will support remediation by explaining findings clearly, reviewing fixes, and helping teams apply secure design and development practices.
• You will contribute to threat modeling, design reviews, and architecture discussions so risks are identified earlier in the development process.
• You will help improve our application security program by researching emerging attack techniques, tools, AI related tools and practical testing approaches.
• You will assess risks related to identity and access controls, common authentication models, and modern application architectures.
• You will work with teams across the software delivery lifecycle to strengthen security in build pipelines, deployment processes, and release practices.
• You will document findings and recommendations clearly so they can act on them and track issues through resolution.
• You will share knowledge with the team so we continue to improve how we test, communicate risk, and support secure product development.

What we are looking for:

• 3+ years of application security experience

• 3+ years of experience performing penetration testing

• Must have knowledge of application security testing across web applications, APIs, containerized deployments, cloud environments (AWS, Azure, GCP) and embedded or agentic AI applications

• Demonstrable expertise with tools such as Burp Suite, OWASP ZAP, Postman, Git, and Python or similar scripting languages.

• Strong understanding of OWASP Top Ten and AI Top Ten, SANS, MITRE ATT&CK.

• AI Skills/Knowledge:

• • Able to use generative AI tools such as Microsoft Copilot or ChatGPT to accelerate research, summarize findings, improve documentation, and reduce repetitive work.
  • Able to evaluate AI-generated content critically, verify technical accuracy, and use sound judgment before applying outputs to security testing, analysis, or decision-making.
  • Familiarity with security risks in AI-enabled features, including prompt injection, sensitive data exposure, insecure integrations, and misuse of model outputs, is preferred.
  • Openness to learning and adopting new AI capabilities as they emerge, and using them responsibly to improve quality, speed, and consistency in day-to-day work.
  • Knowledge of configuring and optimizing AI-assisted coding methodologies, including the development and tuning of skills in tools like Github Copilot, Claude Code, etc

• Preferred Skills:

• • Experience with threat modeling and secure design reviews is preferred.
  • Familiarity with cloud security concepts and common risks in modern application environments is a plus.
  • Experience with security testing for application programming interfaces, desktop applications, or legacy systems is beneficial.
  • Exposure to software delivery security practices and build pipeline security is preferred.
  • Relevant security certifications such as OSCP, PNPT, GPEN, GWAPT, CEH, or CompTIA Security+ are a plus.
  • Background in software engineering is also a plus.

#LI-SA1

The personal data that you provide as a part of this job application will be handled in accordance with relevant laws. For more information about how Precisely handles the personal data of job applicants, please see the Precisely Candidate Privacy Notice