Sr. Application Security Engineer / Sr. Product Security Engineer (Remote)
AuditBoardWashington, DC, United StatesHace 3 días
Tipo de contrato
- A tiempo completo
- Teletrabajo
Descripción del trabajo5+ years of experience developing or securing web-based applications Experience with modern Javascript (Node.JS, ES6 and TypeScript) and front-end frameworks (Ember, Angular, React, Vue, etc.) Experience with leading threat modeling and secure design reviews Experience with security assessment tools (SCA, SAST, DAST) such as Qualys, SonarCloud, Prisma or similar is a plus. Docker & Kubernetes Excellent organization, time management, and attention to detail Must be action-oriented and have a proactive and collaborative approach to solving issues Participates in the design review process, seeking and providing constructive criticism Provides significant input into system architecture, considers scalability and performance Communicates technical decisions through design docs, tech talks, and the wiki Provides mentorship and technical guidance to junior and mid-level engineers Ability to work within an on-call shift rotation Experience working on SaaS web applications Experience with building and maintaining internal tooling and orchestration using Python and other scripting languages Experience with building and securing CICD pipelines and incorporating supply chain security best practices. Experience with implementing static code analysis, Web Application Firewalls (WAF), or other software security solutions Experience coordinating bug bounty and penetration testing engagements Leveraging, building and securing AI coding assistants, agents, and product solutions BS in Computer Science (or equivalent experience) Customer obsession : Apply relentless focus on listening to and understanding customers as the core of everything we do Win, together : Drive to be the best while supporting each other's success Gritty resilience : Thrive in a fast-paced and dynamic environment, balancing immediate priorities with big-picture strategic goals Personal improvement : Stay eager to share insights, seek feedback, and continuously learn Constant innovation : Challenge the status quo and drive improvements Launch a career at one of the fastest-growing SaaS companies in North America! $200 / mo for anything that enhances your life Remote and hybrid work options, plus lunch in the Cerritos office Comprehensive employee health coverage (all locations) 401K with match (US) or pension with match (UK) Competitive compensation & bonus program Flexible Vacation (US exempt & CA) or 25 days (UK) Time off for your birthday & volunteering Employee resource groups Opportunities for team and company-wide get-togethers! perks may vary based on eligibility / location
Sr. Application Security / Product Security Engineer
AuditBoard is looking for a passionate and experienced Sr. Application Security / Product Security Engineer, who will work along product and engineering teams to develop secure and resilient software used by some of the most security conscious customers on the planet. Supported by the InfoSec team, this position will serve as a Security liaison to the AuditBoard engineering team - assisting them with implementing security best practice at every layer of the SDLC, primarily focusing on threat modeling, secure design review, and triage and prioritization of application security vulnerabilities identified by the infosec team. This role will also be instrumental in the continued development of secure SDLC practices at AuditBoard.
In this role you will be responsible for :
- Working with product and engineering teams to implement security throughout the design and development process.
- Working with JavaScript, Node.JS, Ember, Python, GoLang, Docker, PostgreSQL, and Kubernetes.
- Creating application threat models, performing secure code reviews, and ensuring the use of secure coding practices, with the support of the Infosec team.
- Assisting the infosec team in driving adoption of Secure SDLC solutions and practices, such as SAST, DAST, SCA, IAST, App Runtime.
- Providing subject matter expertise and training on encryption, authentication, key security controls, and secure programming practices.
- Validating, triaging and driving the remediation of vulnerabilities discovered through internal testing, third-party penetration tests, or bug bounty programs.
- Guiding the implementation, configuration and operation of application layer security controls such as Web Application Firewall and DDoS mitigation solutions.
- Assisting with Security Compliance activities as required.
- Assisting with investigation and response to security incidents and web application attacks as necessary.
Requirements
Preferred
Our Company Values :
Perks :
Please note that background checks are required. Qualified Applicants with arrest or conviction records will be considered for Employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
Crear una alerta de empleo para esta búsqueda
Application Security • Washington, DC, United States
Ofertas relacionadas
As the nation's largest producer of clean, carbon-free energy, Constellation is focused on our purpose : accelerating the transition to a carbon-free future.
We have been the leader in clean ener...Mostrar másÚltima actualización: hace 3 días
Oceaneering Technologies (OTECH) develops, manufactures, and operates customized marine systems, shipboard equipment, subsea vehicles, and engineered solutions for commercial and U.Oceaneering Aero...Mostrar másÚltima actualización: hace 27 días
RELOCATION ASSISTANCE : Relocation assistance may be available.At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around th...Mostrar másÚltima actualización: hace más de 30 días
As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure.In this role, the main responsibilities will be to investigate and analyze emerging threat...Mostrar másÚltima actualización: hace más de 30 días
Anduril Industries is a defense technology company with a mission to transform U.By bringing the expertise, technology, and business model of the 21st century's most innovative companies to the def...Mostrar másÚltima actualización: hace 3 días
Established in 1975, Shimadzu Scientific Instruments is one of the largest suppliers of analytical instrumentation, physical testing, and environmental monitoring systems in the world.Ground-breaki...Mostrar másÚltima actualización: hace 29 días
Senior Information System Security Engineer.National Security Sector's (NSS) Cyber & Analytics Business Area (CABA).Our talented team is at the forefront in Security Engineering, Computer N...Mostrar másÚltima actualización: hace 14 días
HackerOne is a global leader in offensive security solutions.Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy...Mostrar másÚltima actualización: hace 9 días
Collaborate with a team of engineers to implement • • • specific security policies in the CI / CD security tools including but not limited to SAST, DAST and SCA applications.
Work with Development, DevO...Mostrar másÚltima actualización: hace 3 días As an Advanced Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure.In this role, the main responsibilities will be to investigate and analyze emerging t...Mostrar másÚltima actualización: hace más de 30 días 
At Legal & General America, we aim to make a positive difference in the lives of our customers, partners, colleagues, and the communities in which they live.
As a recognized market leader of term li...Mostrar másÚltima actualización: hace más de 30 días
Web Application Security Engineer.We're looking for someone who has passion for IT, resourceful problem-solving abilities, and a desire to learn our indicators of success in this role.The ideal can...Mostrar másÚltima actualización: hace 3 días
Come build at the intersection of AI and fintech.At Ocrolus, we’re on a mission to help lenders automate workflows with confidence—streamlining how financial institutions evaluate borrowers and ena...Mostrar másÚltima actualización: hace más de 30 días)
Information Security Analyst Duties and Responsibilities.Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments.Enforce zero trust princip...Mostrar másÚltima actualización: hace 8 días
Senior Product Security Engineer.Reston, Virginia, United States.Senior Product Security Engineer.This role is all about protecting hardware — not just the software that runs on it.You’...Mostrar másÚltima actualización: hace más de 30 días
JR101151 Enterprise Functional Applications and Security Analyst (Open).This is a lead functional and security role within Information Technology (IT).
The IT Enterprise Functional Applications & Se...Mostrar másÚltima actualización: hace más de 30 días
Palantir builds the world’s leading software for data-driven decisions and operations.By bringing the right data to the people who need it, our platforms empower our partners to develop lifes...Mostrar másÚltima actualización: hace 5 días
NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers.
Founded in 1985, NDi's firml...Mostrar másÚltima actualización: hace más de 30 días
- Oferta promocionada
I&C, Engineer
Constellation EnergyBenedict, MD, USA tiempo completo
- Oferta promocionada
Physical Security Advisor
Oceaneering International, Inc.Hanover, MD, United StatesA tiempo completo
- Oferta promocionada
Sr. Principal Systems Engineer Spacecraft Avionics Integrated Product Team Lead (IPT) (Top Secret required)
Northrop GrummanDulles Town Center, VA, USA tiempo completo
- Oferta promocionada
Lead Security Engineer - Cyber Security
RelativityWashington, DC, United StatesA tiempo completo
- Oferta promocionada
Technical Security Application Engineer
Anduril IndustriesWashington, DC, United StatesA tiempo completo
- Oferta promocionada
Network Security Engineer
Shimadzu Scientific InstrumentsColumbia, MD, United StatesA tiempo completo
- Oferta promocionada
Sr. Information System Security Engineer TS / SCI Poly
LeidosAnnapolis Junction, MD, USA tiempo completo
- Oferta promocionada
Senior Product Manager, Agentic Offensive Security
hackeroneWashington, DC, United StatesA tiempo completo
- Oferta promocionada
Application Security Engineer
US Tech SolutionsArlington, VA, United StatesA tiempo completo
- Oferta promocionada
Advanced Security Engineer - Cyber Security
RelativityBaltimore, MD, United StatesA tiempo completo
- Oferta promocionada
Senior Security Engineer
Legal & General AmericaFrederick, MD, United StatesA tiempo completo
- Oferta promocionada
Application Security Engineer
Steampunk.comMcLean, VA, United StatesA tiempo completo
- Oferta promocionada
Senior Security Engineer, Product Security
EnboarderWashington, DC, United StatesA tiempo completo
- Oferta promocionada
Azure Security Sr. Engineer
Arena Technical Resources, LLC (ATR)Washington, DC, United StatesA tiempo completo
- Oferta promocionada
Senior Product Security Engineer
Mount IndieReston, VA, USA tiempo completo
- Oferta promocionada
Enterprise Functional Applications and Security Analyst
InsideHigherEdBowie, Maryland, United StatesIndefinido
- Oferta promocionada
Application Security Engineer
Palantir TechnologiesWashington, DC, USA tiempo completo
- Oferta promocionada
Sr. Security Engineer
Network Designs Inc.Washington, DC, USA tiempo completo