Application Security Engineer at Uptake
What We Do
Uptake is the premier Industrial AI company, providing a predictive analytics SaaS platform that empowers major industry leaders to optimize performance, reduce asset failures and enhance safety. At Uptake, we combine our strengths—machine learning, analytics, data visualization and software development—with the expertise of our industrial customers and partners. The result is enormous savings in development time and resources for every user of Uptake’s industrial applications and enterprise AI and IoT platform. In the end, we help solve our customers hardest problems, help them re-image their businesses in an AI-first world, ultimately capitalizing on the promise of the digital transformation.
What You'll Do:
The Application Security Engineer is part of the Information Security Team at Uptake and will spend time on rotation within various Uptake Engineering teams to lead in the development of security controls, security defect remediation, and foster a culture of security within the developer community.
Some of the things you may find yourself doing:
- Advise Engineering teams on the best ways to develop to prevent future security issues
- Acquire an overall understanding of codebase to help establish roadmaps to remediate gaps
- Serve as a trusted adviser for development groups
- Maintain skills with new and evolving security frameworks.
- Evaluate re-usable code/libraries that are internally/externally developed for their ability to securely perform features like authentication, session management, etc.
- Responding to key risk indicator questions during the SDLC process
- Drive the adoption of techniques and processes for developing secure applications
- Build secure-by-design frameworks and middleware libraries to promote re-use of secure code
- Identify and close organizational knowledge gaps based on vulnerability trend information
- Provide security consulting and mentoring to internal development teams
- Provide application contextual knowledge to the security point of contact to accurately categorize severity of issues identified by the Information Security team
- Provide input on risk acceptance decisions to the Information Security team
- Build internal knowledge for software security including reference material
- Minimum 2 years of development experience with an emphasis on secure coding best practices and manual code review.
- Proven track record in implementation of security controls in the development process
- Familiarity with various OWASP frameworks, standards and cheat-sheets.
- Knowledge of cloud and virtualization technologies and platforms.
- Experience in software development continuous integration and continuous deployment
- Strong interpersonal skills and expert team player with demonstrated ability to build collaborative relationships
- Ability to effectively execute and drive cross functional teams in a fast paced startup environment
- University/College Degree
Nice to Have’s:
- CSSLP certification
- Active member of the information security community.
Why Work Here
Uptake is a values-driven organization, and we are excited about what we do. We’re flexible, honest, hardworking, and collaborative. As a team, we bring our diverse backgrounds, beliefs, and experiences together to solve tough, important problems. We support and challenge one another to bring out the best in each of us, and we might have a little fun along the way. We’re also proud to be one of Chicago’s best places to work in 2018 according to Forbes and Great Place to Work Institute.
We offer generous benefits including health, dental, vision, parental leave, 401K match, and unlimited vacation. We are lifelong learners, and our Uptake University program offers training and professional development on a wide variety of topics. We also have employee-led community groups including [email protected], [email protected], [email protected], [email protected], and many more. Learn more at https://www.uptake.com/careers.
Applicants must be authorized to work in the U.S.
Uptake welcomes and encourages applications from all individuals, without regard to any prohibited ground of discrimination, including from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.