“The limit of our growth is going to be our imagination and product ideas – not technology.” – Mohit Kapoor, CTO
What we’ll bring:
· A welcoming and energetic environment that encourages collaboration and innovation. We consistently explore new technologies and tools.
· Flexible time off (unlimited), workplace flexibility, an environment that welcomes continued professional growth through support of tuition reimbursement, conferences and trainings.
· Our culture encourages our people to hone current skills and build new capabilities.
What you’ll bring:
· 3+ years of experience in Information Security or related field
· 2+ years of experience with Application Security & Application Penetration Testing
· Understanding of network protocols coupled with experience in one or more of the following: web proxies, web application firewalls, and vulnerability assessment tools
we’d love to see:
· Familiarity or experience with CI/CD systems
· One or more of the following certifications (or similar): GPEN, GWAPT, GWEB, OSCP, CASS, CISSP, eCPPT, etc.
· Familiarity with tools such as Veracode, HP WebInspect and BlackDuck
Impact you’ll make:
· Provide expert level security consultation to project teams, application owners, and general technology teams on relevant security controls and Secure-SDLC process requirements
· Build & Monitor systems that ensure application security policies, coding standards and required security controls are being followed and appropriately mitigating threats
· Oversee required security education initiatives and foster a security-conscious culture within AppDev teams
· Develop, Enhance, and Participate, as needed, in security portion of Secure-SDLC
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.