Senior Security Engineer
Reno, Nevada, United States
Coupa Software, Inc.See all of your business spend in one place with Coupa to make cost control, compliance and anything spend management related easier and more effective.
Do you want to work for Coupa Software, the world's leading provider of cloud-based spend management solutions? We’re a company that had a successful IPO in October 2016 (NASDAQ: COUP) to fuel our innovation and growth. At Coupa, we’re building a great company that is laser focused on three core values:
1. Ensure Customer Success – Obsessive and unwavering commitment to making customers successful.2. Focus On Results – Relentless focus on delivering results through innovation and a bias for action.3. Strive For Excellence – Commitment to a collaborative environment infused with professionalism, integrity, passion, and accountability.
Coupa Software is looking for a Senior Security Engineer to assist with the maintenance and development of the global security program. This position will report to the Deputy CISO and will primarily focus on security design reviews and technical security reviews. The Senior Security Engineer needs to have expert-level knowledge of Software as a Service security, as well as a solid understanding of security architectures. The role will also require close collaboration with the Engineering organization. If you are a motivated self-starter with a passion for learning and bias for action, this position is for yo
- Governance, Risk and Compliance (GRC) Lead for architecture and risk reviews to identify and evaluate technical and product security risk
- Participate in Design reviews focusing on ensuring the designs adhere to the regulatory, contractual and compliance requirements Coupa must meet
- Perform technical security reviews, to include Threat Modeling, of systems and applications to ensure implementation is consistent with approved designs.
- Coordinate with Engineering and GRC teams to ensure broad understanding of technical security requirements are broadly understood.
- Develop core security patterns that can be leveraged by the Engineering teams.
- Assess risks and weaknesses and identify security design or implementation gaps in existing products and services and those associated with the development of new or significantly improved business applications
- Advise on the adoption of core security services (PKI, Identity, Key Management, Detection and Response and Vulnerability Management).
- Influence the product roadmap, work directly with Engineering and Product leadership to prioritize and execute.
- Works well in a team or solo on various security related projects.
- Extensive knowledge in Cloud Security, specifically software as a service (SaaS) model.
- Advanced written and verbal communication skills. Must have the ability to independently develop relationships and communicate with high level internal and external technical staff.
- Advanced problem solving skills and ability to methodically understand and resolve complex issues.
- Ability to influence several cross-functional departments to gain alignment and to drive design solutions with the appropriate organizations.
- Able to quickly and accurately assess current operations, identify design flaws, and build consensus on both a proposed solution and plan of action.
- Commitment to a learning mindset for all security and compliance related items
- Familiar with ISO 27001, PCI DSS, SOC1 and SOC2, FedRAMP, HIPAA, and other industry standard compliance standards.
- Bachelor’s Degree in Computer Science or equivalent industry experience
- Certification preferences: CISSP, CISM
- Minimum of 5 years of experience in architecting, designing and/or developing SaaS based applications with increasing responsibilities.
- Deep understanding of cloud infrastructure providers such as AWS and/or Azure.
- Contributed to FedRAMP, PCI, SOC2 compliance initiatives.
- Conducting in-depth technical reviews of enterprise systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
- Proven ability to build Threat Models and analyze security weaknesses in complex deployments with varying technology stack
At Coupa, we have a strong and innovative team dedicated to improving the spend management processes of today’s dynamic businesses. It’s our people who make it happen, and we strive to attract and retain the best in every discipline.
We take care of our employees every way we can, with competitive compensation packages, as well as restricted stock units, an Employee Stock Purchase Program (ESPP), comprehensive health benefits for employees and their families, retirement and savings plans with employer match, a flexible work environment, no limit vacations for exempt employees, non-exempt employees are on an accrual basis for PTO, catered lunches…And much more!
As part of our dedication to the diversity of our workforce, Coupa is committed to Equal Employment Opportunity without regard for race, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity or religion.
Please be advised, inquiries or resumes from recruiters will not be accepted.
Other jobs like this
Senior Azure Cloud Security EngineerAnsible Automation AWS Azure CircleCI DevOps Docker Encryption GCP Incident response +9
401(k) matching Career development Equity Flex hours Flex vacation +6
Product Security Engineer - Top Secret ClearanceC Clearance Exploit Golang Product security Python Security Clearance TCP/IP Top Secret Top Secret Clearance +1
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Staff Security Engineer jobs
- Open Head of Information Security jobs
- Open Lead Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Cloud Security Operations Lead jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open CEH-related jobs
- Open Encryption-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Open Source-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Machine Learning-related jobs
- Open DevSecOps-related jobs