Senior Security Engineer - Application Pentester

New York City

Sigma Computing

Turn data into insights with Sigma Computing, a cloud-based Business Intelligence (BI) platform. Elevate business decisions by analyzing data at scale for opportunities.

View company page

 

 

As a member of the Security Team you will be making our service more secure while changing the way security analytics is done. Shifting away from expensive legacy solutions to analyzing security data directly in the data warehouse, building amazing visualizations as well as dashboards and evangelizing this solution in the community. You will be encouraged to blog, speak and join security events to talk about the work you are doing and how other companies can utilize it to better analyze their security data. Beyond security analytics you will also be pushed to solve security problems through automation ("let the robots do the work")  and become a leader in this space.If you’re a builder that enjoys working with cutting edge technologies, we’d love to hear from you!

You will

  • In this role, you will be part of a dedicated team of talented security engineers performing application penetration testing exercises, code reviews, threat modeling to identify vulnerabilities
  • You will strive to understand systems, software, and services deeply and develop creative ways to break assumptions in order to find vulnerabilities
  • Perform vulnerability research using a variety of custom tooling and technologies.
  • Write proof-of-concept code to demonstrate the impact of a security issue.
  • Tracking and researching the latest attacks and how they might apply to our environments.
  • Develop scripts or tools to automate assessments of targets
  • Conduct independent vulnerability research on launched applications.
  • Shaping services through security review of design, architecture, and implementation.
  • Build security into our SDLC,
  • Build Threat modeling with Engineering Teams. 
  • Build Red Team Exercises

Qualifications

  • Minimum of 5 years of experience in source code auditing, application Pentesting,Static and Dynamic analysis,  bug hunting or CTF experience
  • You are hands-on, and you can clearly articulate prioritized, actionable security work for Engineering.
  • Minimum of 2 years of professional experience in Threat modeling.
  • Have demonstrable history in building the application security posture at your previous companies.
  • Minimum of 5 years of professional experience with security engineering practices such as in web application security, network security, authentication and authorization protocols, cryptography, automation and other software security disciplines
  • Have strong Knowledge of Application Security risks, IAC within containerized and cloud environments. 
  • Passionate about writing and want to be an evangelist. You'll need to be able to enjoy writing detailed blog posts and technical documentation. 
  • Building some of these solutions requires some coding exposure. Any past experience in typescript, Golang, or Rust is required.
  • Hands-on experience in AWS, GCP or Azure.
  • Good to have - Cloud Network Pentesting Experience

Note: The world around us is changing, but we at Sigma Computing are growing and scaling. We raised our Series C in Dec 2021. With that, and us being able to 3X our revenue year on year, hiring and building out the best version of our product is priority. That is why we want to talk to you.

About us:

At Sigma Computing, our mission is to empower everyone to make the best possible decisions at every turn by removing the barriers that prevent people from analyzing data across sources and delivering the full spectrum of self-service cloud analytics and business intelligence.

We recently announced a $300M Series C raise from Co-Leads D1 Capital Partners and XN, Existing Investors Sutter Hill Ventures and Altimeter Capital, and Snowflake Ventures.

Come join us to help us be smarter and grow together!

Benefits For Our Full-Time Employees:

  • Equity
  • Generous health benefits
  • Flexible time off policy. Take the time off you need!
  • Flexible schedule, do the work you need to get done in the time you have to get it done
  • At least 12 weeks of paid bonding time for all new parents
  • Traditional and Roth 401k
  • Commuter and FSA benefits

Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.

Note: We have a hybrid work environment.We have safely reopened our office in SF and are following city and CDC guidelines. And our NYC office is close to ready for occupation!

 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Analytics Application security Audits Automation AWS Azure C Cloud Cryptography CTF GCP Golang Network security Pentesting Red team Rust SDLC TypeScript Vulnerabilities

Perks/benefits: Career development Flex hours Flex vacation Health care Team events

Region: North America
Country: United States
Job stats:  12  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.