MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in\-person time with colleagues and flexible at\-home life optimizations. Learn More: https://www.mathworks.com/company/jobs/resources/applying\-and\-interviewing.html\#onboarding.
Come join our highly visible, fast\-growing software product security team where you will have a high impact on the security of all MathWorks products and online services.
As a senior member of the team, you will take on a leadership role in key security projects. You will drive strategic security initiatives, build innovative tools, develop security architecture insights, track emerging threats, and enable us to achieve world\-class security for MATLAB, Simulink, Mobile, IoT, Web, MATLAB Online and Server Products.
MathWorks staff enjoy a hybrid work\-from\-home model featuring both home\-office flexibility as well as in\-office meeting days for optimized collaboration.
MathWorks nurtures growth, appreciates inclusivity, encourages initiative, values teamwork, shares success, and rewards excellence.
- Guide teams in the adoption of **Secure Development practices** including Threat Modeling, Security Architecture review, Static/dynamic and secure coding practices.
- **Improve security standards, processes, and tooling** to support MathWorks Product and services and “shift left” of security within the development lifecycle
- **Improve security standards, processes, and tooling into CI/CD pipelines** (SAST, DAST, dependency scanning, IaC scanning, policy enforcement) to support MathWorks Product and services and “shift left” of security within the development lifecycle
- Perform **vulnerability management**, including open\-source software
- Provide application security expertise to support **vulnerability response process**
- Perform **penetration testing** of different products and applications
- Experience with application security such as **OWASP Top 10**
- Collaborate with **external security researchers**
- Ability and passion to **coach and mentor** junior members of the security team
- Ability to analyze and **solve complex problems**
- Proficient in one or more programming languages (Python/C\+\+/JavaScript)
- Demonstrated experience in triaging findings from security tools, penetration testing, bug bounty programs, and the external research community
- Strong understanding of application security assessment techniques, threat modeling, general secure software development practices
- Secure AI/ML\-driven applications by addressing risks such as data exposure, model misuse, and prompt injection across applications
- Effective communications and influence with senior management and product teams
- A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.