Product Security Engineer II

Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love.

Product Security at Toast isn't just about running tools and reporting vulnerabilities – we're the vigilant chefs ensuring the Toast never gets burned. We bake security into every layer of our products, from the first sprinkle of an idea to the final serving of a fully-baked solution. Our team is the secret ingredient that makes Toast's digital recipe both delicious and secure. We collaborate closely with R&D, seasoning the development process with robust security measures that protect the services and applications our customers rely on to run their businesses. 

Like master chefs, we blend cutting-edge technology with strategic thinking, kneading security into the dough of every product we create. By joining our Product Security team, you'll be part of the kitchen crew that keeps our customers' trust from going stale. You'll tackle complex challenges that have real-world impact, helping to serve up a safer, more secure digital experience for businesses that count on Toast every day. It's not just about finding vulnerabilities – it's about crafting a recipe for digital trust that keeps our customers coming back for more.

 

About this roll* (Responsibilities) 

• Identify, triage, and provide remediation guidance for application vulnerabilities
• Improve developer tooling and adoption to build a more robust SSDLC
• Assist incident response teams with application security expertise and tools
• Think like an attacker to identify weaknesses in application architecture
• Collaborate with developers, using a #OneTeam approach to bake security into our products
• Research emerging security trends and technologies, keeping our defenses cutting-edge
• Contribute to Toast's Security Community of Practice

Do you have the right ingredients*? (Requirements)

• Strong grasp of common web vulnerabilities and how to mitigate them
• Proficiency in at least one programming language (Kotlin, Java, Python, Go, C#, etc.)
• Experience with security tools like static/dynamic analysis scanners and web proxies
• Solid understanding of cloud application architecture, network security, and secure coding practices
• Excellent communication skills - you can explain complex security concepts to both technical and non-technical audiences

 

Special Sauce* (Nonessential Skills/Nice to Haves)

• A relevant security certification (CISSP, CEH, GWAPT, OSCP)
• Experience with web application firewalls, cloud and container security technologies, and/or SSDLC tooling (e.g. SAST/DAST/SCA)
• Experience with mobile apps/threats (iOS, Android)
• Experience with securing financial technologies

Our Spread* of Total Rewards
We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry. Our total rewards package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet Toasters’ changing needs. Learn more about our benefits at https://careers.toasttab.com/toast-benefits.

*Bread puns encouraged but not required

The base salary range for this role is listed below. The starting salary will be determined based on skills and experience. In addition to base salary, our total rewards components include cash compensation (overtime, bonus/commissions if eligible), equity, and benefits.Pay Range$104,000—$166,000 USD

 

We are Toasters

Diversity, Equity, and Inclusion is Baked into our Recipe for Success.

At Toast our employees are our secret ingredient. When they are powered to succeed, Toast succeeds.

The restaurant industry is one of the most diverse industries. We embrace and are excited by this diversity, believing that only through authenticity, inclusivity, high standards of respect and trust, and leading with humility will we be able to achieve our goals.

Baking inclusive principles into our company and diversity into our design provides equitable opportunities for all and enhances our ability to be first in class in all aspects of our industry.

Bready* to make a change? Apply today!

Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com.

Apply