Application Security Engineer
New York, NY
Posted Apr 16, 2021 - Requisition No. 90223
The Product Security team is dedicated to making our products and technologies as secure as possible. We report into the CISO, but work closely with engineering teams, product teams, and others across the organization to integrate security into the product life cycle from design through deployment. Our colleagues depend on us to be application, network, and host security pros. We specialize in defining security requirements, performing application security assessments, and providing developers with remediation advice. On any given day we're performing security reviews on internal and third party applications, evaluating a proposed network change, or providing guidance on security/coding best practices.
What's the Role?
As an Application Security Engineer, you will conduct security assessments driven by the output from our automated Static and Dynamic Application Security Testing (SAST/DAST) pipelines. You will be responsible for verifying the validity of SAST and DAST findings, as well as using your app sec instincts to dive deeper into areas identified via our automated scanning processes. After identifying vulnerabilities you will collaborate with development teams to assist in understanding the associated risks as well as guide remediation.
We'll Trust You To:
- Validate vulnerabilities identified by SAST and DAST tools
- Provide remediation guidance to developers and technical managers
- Develop custom security tools and processes used by security teams
You'll Need to Have:
- Familiarity with common security vulnerabilities and attack vectors
- Experience with Python coding
- Experience reading and understanding C/C++ code
- The ability to communicate complicated technical issues and risks to programmers and non-technical stakeholders
We'd Love to See:
- SAST Tool experience
- Experience as a highly technical information security consultant.
- Developer experience, particularly with Python or C/C++
If this sounds like you:
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.