Security Engineer - New Grad

Company Description

At Qualtrics, our mission is to close experience gaps—the costly differences between what customers and employees expect, and what they’re receiving. 13,000+ organizations worldwide and more than 80% of the Fortune 100 rely on the Qualtrics Experience Management Platform™ to collect, analyze, and act on feedback—more feedback than they ever thought possible. With Qualtrics XM, organizations can manage the four core experiences of business—customer, employee, product, and brand experience. Organizations can be at every meaningful touchpoint, for every experience, and predict what will resonate most with customers and employees.

The Challenge

As Qualtrics continues to expand the Experience Management (XM) platform, we must ensure that we’re protecting our customers and their data by building and operating secure systems. As over a thousand software & system engineers contribute to Qualtrics XM every day, we have a large attack surface to evaluate and secure.

Qualtrics is looking for a security engineer with a passion for security and the aptitude to uncover difficult-to-identify security bugs which require detailed knowledge of our complex systems.

A Day in the Life

• Use manual penetration testing techniques to identify or validate vulnerabilities in Qualtrics web applications, systems, networks and mobile applications
• Leverage your accumulated subject matter expertise of Qualtrics applications, systems and code, as well as findings from SAST, DAST, IAST, network vulnerability scanners and similar assessment tools to augment manual testing
• Manage bug bounty and vulnerability disclosure programs, including the triage and validation of reported findings
• Document remediation recommendations and collaborate with engineers to ensure vulnerability findings are successfully and efficiently addressed
• Review source code & software/system designs, and consult with software engineers across the organization to identify and/or avoid security issues through alignment to security standards
• Document and improve secure SDL processes, standards and guidelines
• Deliver training and provide mentoring to software engineers on security topics
• Facilitate threat modeling exercises to ensure optimized security design decisions are being made
• Automate redundant tasks for assessment and related activities in order to optimize our team’s efficiency and reach

The Expectation for Success

You will work effectively with the Qualtrics engineering organization and fellow security engineers, providing reliable technical security expertise to identify and resolve security issues. You will seek to streamline and automate processes in order to deliver maximum results in limited time.

Skills That Will Lead to Success

• Bachelor’s degree in Computer Science or a related field
• Interest in or focus on Security Engineering
• Experience with modern application development languages and frameworks (e.g., Node.js, Java, Golang, Python, React, Angular)

What differentiates us from other companies

• Work life integration is deeply important to us - we have frequent office events, team outings, and happy hours.
• We take pride in our office design aiming at cultivating creativity from our rooftop views to an open and collaborative work space.
• On top of standard benefits package (medical, dental, vision, life insurance, etc) we provide snacks, drinks, and free lunches in our office.
• We believe in sharing Qualtrics success which is part of the compensation for all employees.

#Eng #University