Application Security Engineer
Are you looking for a job where you can directly impact the security of software used by thousands of major corporations daily? The security team at Sprout Social is responsible for the security posture of our entire organization including our development and production environments, and internal concerns. As a software company, application security is a key function of that team. You will be responsible for ensuring the security of our code, which is critical to the success of the company. We’re looking for people who know more than how to run a commercial application scanning tool. We expect you to know the internals of how web applications work and be able to work with developers to design around potential security issues.
Sprout Social is a software-as-a-service (SaaS) company with multiple product lines focusing on business and enterprise social media usage. Our main platform is used by 17,000 brands around the world. Companies like Dropbox, Zendesk, Fender, Zipcar and Evernote rely on Sprout to create stronger relationships with their customers through social media.
You might be a good fit for this position if:
- Your browser request for this application was proxied through Burp Suite
- You’ve considered the costs and merits of legally changing your name to become Little Bobby Tables
- You’ve found the movie reference on the Sprout Social site
- Not only can you inject XSS, but you can figure out the best ways to prevent others from doing it in a scaling codebase
- You can recite the OWASP Top Ten without hesitation
Responsibilities
- Use both automated and manual testing tools to find and validate vulnerabilities in our web applications.
- Work with development teams to ensure that new features are designed securely
- Take the lead on implementing fixes for security issues that arise in production code
- Be the champion of secure development practices for the organization
- Effectively communicate with others in the organization about security topics and priorities
- Other responsibilities as needed to cover the needs of the team and organization
Desired Skills and Experience
Need to have:
- Bachelor’s Degree or equivalent experience, in a technical field
- 3+ years of information security experience
- 2+ years of programming experience
- Strong verbal and written communication, and the ability to tailor your message to audiences across and beyond the organization
- Expert-level knowledge of web application security issues and proper mitigations
- Strong understanding of Javascript, Python, and Java
- Ability to pick up new concepts and tools quickly
Nice to have:
- (ISC)2 CISSP or similar certification
About Sprout Social
Sprout Social powers open communication between individuals, brands and communities through elegant, sophisticated software. We are relentless about solving hard problems for our customers and committed to both customer and team success.
Team Sprout is a group of very talented, smart and passionate people with broad interests and backgrounds. We’re proud to regularly be recognized for software, product and company culture achievements. Our team’s shared belief in Sprout’s mission promotes a culture of openness, empowerment and fun. We have built a benefits program to match the strength of our team. This program includes:
- Insurance and benefit options that are built for both individuals and families, including generous company contributions
- Progressive benefit programs, like our parental leave program and free Divvy bike memberships
- High-quality and well-maintained equipment - your computer will never prevent you from doing your best
- Beautiful, convenient and state-of-the-art offices in Chicago’s Loop
- Solid programs in some of the staples: transportation, disability and life insurance
- Wellness initiatives to ensure both health and financial well-being of our team
- Breakfast and lunch options onsite, and more healthy snack options and beverages than you can imagine
- Growing corporate social responsibility program that is driven by the involvement and passion of our team members
Sprout Social is unable to provide H-1B sponsorship.