Senior Security Engineer - Application Pentester
New York City
Applications have closed
Sigma Computing
Turn data into insights with Sigma Computing, a cloud-based Business Intelligence (BI) platform. Elevate business decisions by analyzing data at scale for opportunities.
As a member of the Security Team you will be making our service more secure while changing the way security analytics is done. Shifting away from expensive legacy solutions to analyzing security data directly in the data warehouse, building amazing visualizations as well as dashboards and evangelizing this solution in the community. You will be encouraged to blog, speak and join security events to talk about the work you are doing and how other companies can utilize it to better analyze their security data. Beyond security analytics you will also be pushed to solve security problems through automation ("let the robots do the work") and become a leader in this space.If you’re a builder that enjoys working with cutting edge technologies, we’d love to hear from you!
You will
- In this role, you will be part of a dedicated team of talented security engineers performing application penetration testing exercises, code reviews, threat modeling to identify vulnerabilities
- You will strive to understand systems, software, and services deeply and develop creative ways to break assumptions in order to find vulnerabilities
- Perform vulnerability research using a variety of custom tooling and technologies.
- Write proof-of-concept code to demonstrate the impact of a security issue.
- Tracking and researching the latest attacks and how they might apply to our environments.
- Develop scripts or tools to automate assessments of targets
- Conduct independent vulnerability research on launched applications.
- Shaping services through security review of design, architecture, and implementation.
- Build security into our SDLC,
- Build Threat modeling with Engineering Teams.
- Build Red Team Exercises
Qualifications
- Minimum of 5 years of experience in source code auditing, application Pentesting,Static and Dynamic analysis, bug hunting or CTF experience
- You are hands-on, and you can clearly articulate prioritized, actionable security work for Engineering.
- Minimum of 2 years of professional experience in Threat modeling.
- Have demonstrable history in building the application security posture at your previous companies.
- Minimum of 5 years of professional experience with security engineering practices such as in web application security, network security, authentication and authorization protocols, cryptography, automation and other software security disciplines
- Have strong Knowledge of Application Security risks, IAC within containerized and cloud environments.
- Passionate about writing and want to be an evangelist. You'll need to be able to enjoy writing detailed blog posts and technical documentation.
- Building some of these solutions requires some coding exposure. Any past experience in typescript, Golang, or Rust is required.
- Hands-on experience in AWS, GCP or Azure.
- Good to have - Cloud Network Pentesting Experience
Note: The world around us is changing, but we at Sigma Computing are growing and scaling. We raised our Series C in Dec 2021. With that, and us being able to 3X our revenue year on year, hiring and building out the best version of our product is priority. That is why we want to talk to you.
About us:
At Sigma Computing, our mission is to empower everyone to make the best possible decisions at every turn by removing the barriers that prevent people from analyzing data across sources and delivering the full spectrum of self-service cloud analytics and business intelligence.
We recently announced a $300M Series C raise from Co-Leads D1 Capital Partners and XN, Existing Investors Sutter Hill Ventures and Altimeter Capital, and Snowflake Ventures.
Come join us to help us be smarter and grow together!
Benefits For Our Full-Time Employees:
- Equity
- Generous health benefits
- Flexible time off policy. Take the time off you need!
- Flexible schedule, do the work you need to get done in the time you have to get it done
- At least 12 weeks of paid bonding time for all new parents
- Traditional and Roth 401k
- Commuter and FSA benefits
Sigma Computing is an equal opportunity employer. We are committed to building a smart and strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We look forward to learning how your experience can enable all of us to grow.
Note: We have a hybrid work environment.We have safely reopened our office in SF and are following city and CDC guidelines. And our NYC office is close to ready for occupation!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Application security Audits Automation AWS Azure C Cloud Cryptography CTF GCP Golang Network security Pentesting Red team Rust SDLC TypeScript Vulnerabilities
Perks/benefits: Career development Flex hours Flex vacation Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Cyber Security Specialist jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open IPS-related jobs