Sr. Application Security Engineer

About CyberCube:
1) The market leader in digital analytics with the mission of delivering the world’s leading cyber risk analytics on one of the most critical risks of today and the future.2) Exceptionally well-funded startup that has raised over $100MM of capital from top-tier investors that has no need for any additional capital in this current market environment3) Explosive team growth (from 15 employees in SF to >100 people globally).4) Explosive client base growth path with a >99% retention rate.5) An incredibly diverse, collaborative, and high-performing team of insurance industry professionals, data scientists, and engineers who love working here.6) CyberCube and its products win industry awards every year (eg. Cyber Risk Solution of the Year & Stress Scenario Software of the Year in 2023). We were recognized with 9 awards in 2022.7) Senior leadership has a continuous commitment to team members doing the best work of their careers.8) CyberCube is just a place where you can get things done!9) Ranked #11 on Forbes America's Best Startup Employers.
We are looking for a Sr. Application Security Engineer, who will be responsible for aligning our Software Development Life Cycle with security best practices, conducting security assessments on code changes and in general maturing our application security framework, processes and toolsets.

Responsibilities

• Own the application security capability
• Drive the technical direction and roadmap of the application security program
• Lead application security reviews and threat modeling, including code reviews and dynamic testing
• Collaborate with development teams to prepare application security code fixes
• Implement and scale automated security testing to validate that secure coding best practices are being used
• Enable secure development practices through training

Skills

• Familiarity with common security libraries, security controls, and common security flaws
• Development or scripting experience and skills. Node.js and Java are preferred
• Experience with OWASP, static/dynamic analysis, and common security tools
• Experience identifying security issues through code review
• Experience working with developers
• Familiarity with securing applications built on cloud computing environments (AWS preferred)
• Understanding of authorization frameworks (OAuth and JWT)
• Experience working with source control (git, github, bitbucket etc.)
• Experience integrating application security functions into CI/CD processes

Why You'll Love It Here

• Play an instrumental role in reshaping one of the oldest industries in the world
• Competitive salary and unlimited PTO
• Meaningful early stage equity
• Generous healthcare benefits with medical, dental and vision coverage
• Monthly catered lunches and happy hours
• Company paid learning and development assistance
• Flexible working hours and ability to work remotely
• Opportunity to participate in a secondment program 
• Dependant care assistance plan 
• Company supported mentorship program
• Grow in a collaborative, respectful, and empathetic culture

#LI-Remote #LI-Hybrid
CyberCube Analytics, Inc. is an equal opportunity employer. We don’t tolerate discrimination against age, gender, gender identity, gender expression, sexual orientation, race, color, nationality, ethnicity, religion, disability, veteran status, protected genetic information or political affiliation.