Security Engineer 5 - Product & Application Security

As a Staff Security Engineer 5 at PagerDuty, your primary responsibilities include leading and implementing security controls for our SaaS applications, identifying threats and vulnerabilities, and enhancing our security processes. You'll collaborate across engineering teams, share thought leadership on security practices, and support our security operations to protect customer data integrity while nurturing a culture of security awareness.

To qualify for the Staff Security Engineer 5 position at PagerDuty, candidates should have at least 7 years of experience in securing cloud infrastructure and applications, with skills in Linux, cloud-native security best practices, and scripting languages such as Python. A strong background in application security, threat analysis, and containerized applications is also essential.

PagerDuty is committed to the professional development of its employees. As a Staff Security Engineer 5, you will have opportunities to attend training sessions, contribute to security engineering communities, and stay up-to-date with industry trends. The company promotes knowledge sharing and mentoring, allowing you to grow both personally and professionally in your security career.

The culture at PagerDuty is characterized by collaboration, innovation, and support. As a Staff Security Engineer 5, you’ll work alongside kind and ambitious colleagues who value security and user experience. The flexible, remote work environment empowers you to balance work and life while still being engaged through team events and volunteer initiatives.

The salary range for a Staff Security Engineer 5 at PagerDuty is between $192,000 and $319,000, based on various factors such as experience, market location, and job-related skills. In addition, roles may be eligible for bonuses, company equity, and a competitive benefits package to enhance your employee experience.

When answering this question, highlight specific projects that demonstrate your practical skills in implementing security measures for cloud-native applications. Mention tools and techniques you’ve used to secure data and applications in environments like AWS.

Discuss your methodologies for conducting threat analysis and risk assessments, alongside how you prioritize vulnerabilities to address them effectively. It's beneficial to mention any frameworks or tools you've employed in past experiences.

Your answer should reflect an appreciation for security standards in application design. Explain how 'secure-by-default' minimizes risks by ensuring that applications are configured securely from the start and the practices you employ to develop such architectures.

Detail your strategies for building security awareness, such as conducting training sessions or regular knowledge-sharing meetings. Emphasize the importance of communication and how you encourage teamwork in understanding security responsibilities.

Highlight a specific project, detailing your role, the challenges faced, and the outcomes achieved. Make sure to illustrate your leadership skills and the impact the project had on the organization’s security posture.

Discuss specific tools you've used and why you favor them. Make sure to relate your answer back to ensuring high levels of security visibility and your hands-on experience in leveraging these tools to forecast vulnerabilities.

Mention practical approaches such as engaging with professional communities, attending conferences, or following relevant security publications and blogs, showcasing your commitment to lifelong learning in the security field.

Discuss the importance of security in user prompts and ensuring functionality does not deter users. Provide examples where you’ve successfully bridged the gap between security protocols and seamless user experience during development.

Share your knowledge and experience in integrating security practices into the DevOps process. Explain how securing applications through continuous integration and deployment processes can lead to a more robust security framework.

Explain how automation can streamline security processes, reduce human error, and improve efficiency in security operations. Provide examples of automated solutions you’ve implemented in previous roles.