Application Security Engineer

Barcelona, Poland

QAD, Inc.

QAD is a provider of flexible, cloud-based enterprise resource software and services for global manufacturers. Use innovative ERP, MRP, supply chain and lean manufacturing solutions to manage your business.

Company Description

QAD is building a world-class SaaS company, and we are growing. We are looking for talented individuals who want to join us on our mission to help solve relevant real-world problems in manufacturing and the supply chain.

We are a virtual first company and your primary work experience will be virtual / working from your home.  Occasional travel to a physical office may be required to enhance working relationships, collaboration, design, strategy and alignment. 

Job Description

QAD is seeking an Application Security Engineer. As an Application Security Engineer, you will contribute to ensuring the security and integrity of our organization's applications and software systems. You will assist in identifying security vulnerabilities, conducting risk assessments, and implementing security measures to protect our applications from potential threats. This role requires familiarity with application security best practices and the ability to collaborate effectively with development teams.

What you’ll do:

  • Assist in conducting security assessments and penetration testing of applications.
  • Support development teams in code review and analysis for security vulnerabilities.
  • Collaborate on integrating security measures into application design.
  • Participate in evaluating and recommending security controls for applications.
  • Assist in developing and updating threat models, and contribute to mitigation strategies.
  • Educate development teams on secure coding practices and stay informed about security threats.
  • Support incident response team in investigating and mitigating security incidents.
  • Contribute to maintaining documentation on security policies and procedures.
  • Assist in generating reports on security assessments and recommendations.
  • Work with cross-functional teams to integrate security into the software development lifecycle.
  • Collaborate with external security organizations to stay updated on threats and vulnerabilities.
  • Maintain automated processes for SCA, DAST, and SAST.
  • Integrate security testing tools into CI/CD pipelines for continuous security assessments (GitLab, Terraform, AWS Inspector).

Qualifications

What you'll need:

  • A bachelor's degree in a relevant field such as Computer Science, Information Technology, Cybersecurity, or a related discipline.
  • 2-3 years of experience in application security with exposure to AWS, GCP, and cloud architectures.
  • Strong programming and scripting skills (Java, Python, TypeScript).
  • Effective written and verbal communication skills in English.
  • Familiarity with common application security vulnerabilities (OWASP Top 10) and remediation techniques.
  • Exposure to tools and techniques for vulnerability assessment, penetration testing, and code review, for example: Veracode, Snyk, SonarQube, Burp Suite.
  • Knowledge of security standards, frameworks, and compliance requirements (SAML, OIDC, OAuth, Spring Security).
  • Good communication and collaboration skills.
  • Relevant certifications such as CISSP, CSSLP, or CEH are a plus.

Additional Information

  • Your health and well being are important to us at QAD. We provide programs that help you strike a healthy work-life balance.
  • Opportunity to join a growing business, launching into its next phase of expansion and transformation.
  • Collaborative culture of smart and hard-working people who support one another to get the job done.
  • An atmosphere of growth and opportunity, where idea-sharing is always prioritized over level or hierarchy.
  • Compensation packages based on experience and desired skill set.

About QAD:

QAD Inc. is a leading provider of adaptive, cloud-based enterprise software and services for global manufacturing companies. Global manufacturers face ever-increasing disruption caused by technology-driven innovation and changing consumer preferences. In order to survive and thrive, manufacturers must be able to innovate and change business models at unprecedented rates of speed. QAD calls these companies Adaptive Manufacturing Enterprises. QAD solutions help customers in the automotive, life sciences, packaging, consumer products, food and beverage, high tech and industrial manufacturing industries rapidly adapt to change and innovate for competitive advantage.

QAD is committed to ensuring that every employee feels they work in an environment that values their contributions, respects their unique perspectives and provides opportunities for growth regardless of background. QAD’s DEI program is driving higher levels of diversity, equity and inclusion so that employees can bring their whole self to work.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, disability, or any other federal, state or local protected class.

Tags: Application security AWS Burp Suite CEH CI/CD CISSP Cloud Compliance Computer Science DAST GCP GitLab Incident response Industrial Java OWASP Pentesting Python Risk assessment SaaS SAML SAST Scripting SDLC Security assessment SonarQube Strategy Terraform TypeScript Veracode Vulnerabilities

Perks/benefits: Competitive pay Equity Home office stipend Startup environment

Regions: Remote/Anywhere Europe
Countries: Poland Spain