Pitney Bowes
Advisory Product Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Pitney Bowes
Pitney Bowes Inc. is a global technology company that specializes in mailing, shipping, e-commerce, logistics, and financial services solutions. Founded in 1920 through the merger of Arthur Pitney's postage meter invention and Walter Bowes' business operations, the company has a rich history of innovation in mail processing. It launched the first commercially viable postage meter, revolutionizing how postage is applied securely and efficiently. The company offers a wide range of products and services, including mailing and shipping equipment like postage meters, mail inserters, and computerized systems. It also provides digital solutions such as shipping label printing, presort mail services, and data quality tools. Pitney Bowes has evolved to focus on advanced, data-driven solutions that cater to small and medium-sized businesses, enhancing their mailing and shipping capabilities in the digital age. The company has established partnerships with notable clients, including eBay and various postal services, reflecting its broad business reach and commitment to innovation.
Security at Pitney Bowes
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“Pitney Bowes follows a "security-first"and "security by design"philosophy for its platform development. - Stated AppSec Mission: "built on a robust security-first foundation"– Pitney Bowes Trust Center - Risk Philosophy: The company emphasizes "privacy, security, and compliance, by design."– Pitney Bowes Trust Center - Developer Enablement vs. Gatekeeping: Information not publicly available. - Stated Pain Points or Goals: Information not publicly available. Gaps & Contradictions: There is no public evidence describing the specific interaction model between security and developers (e.g., 'paved road' vs. 'gating').”
Security Team
Pitney Bowes' security leadership is headed by a Senior Vice President of Information Technology and Security. The operational team includes dedicated Application Security Engineers who perform tasks such as threat modeling, secure code reviews, and DevSecOps integration. Key Public-Facing Leaders: - James (Jim) McGinnis, Senior Vice President, Information Technology and Security – https://www.pitneybowes.com/us/our-company/leadership-team.html Team Size Estimate (as_of:): - LinkedIn Search Query Used: site:linkedin.com/in/ "Pitney Bowes""Application Security" - Result: Information not publicly available (exact count/range not verifiable from public data). Active AppSec Job Postings (as_of:): - Count: Information not publicly available. Gaps & Contradictions: The formal reporting chain (e.g., whether AppSec reports to the CISO or directly to the SVP of IT) and the specific team size are not publicly documented.
Key Initiatives
Operational workflows include standard security testing and DevSecOps practices. - Security Champions Program: No Evidence Found. - "Shift Left"in Practice: The team integrates security into the development lifecycle via "DevSecOps"and "secure code reviews."– Public Professional Profile - Vulnerability Management Process: Practices include "Vapt"(Vulnerability Assessment and Penetration Testing) and "OWASP"standards. – Public Professional Profile - Secure SDLC Artifacts: The team performs "Threat Modeling"and "annual penetration testing"(implied by VAPT mentions). – Public Professional Profile Gaps & Contradictions: Specific remediation SLAs (MTTR) and the existence of a formal Security Champions program are not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.