Senior Staff Application Security Engineer

From Fivetran’s founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses, canonical and ready to query, with no engineering or maintenance required. We’re proud that more organizations continue to leverage our technology every day to become truly data-driven.

The Fivetran information security organization is a motivated and innovative team responsible for ensuring the continuous integrity, confidentiality, and availability of customers’ data. Our customers trust us with all their most sensitive information, and we consider maintaining that trust to be a critical, core component of our product and business.

Application Security Engineers at Fivetran have a deep knowledge of secure software development best practices and are responsible for providing the direction, tools, guidance, and resources to empower the engineering teams.  They assist in automating and building robust, quality frameworks, systems, and architecture to address current and future threats to the Fivetran product. Information security concerns are ever-evolving, making the security team an extremely dynamic environment to work in.

As a Senior Staff Application Security Engineer at Fivetran, you will: 

• Partner with and support the engineering teams to advance the overall security of the Fivetran product
• Assist with the design and implementation of Fivetran’s security features and systems
• Analyze, evaluate, deploy and configure tools, including SAST, IAST, DAST, and SCA, to help secure our internal workflow and build pipeline
• Assist developers at Fivetran in writing secure code through training, issue triage, code review and mentorship
• Define measurement success criteria and roll out best practice process habits, focusing on identifying security issues early in the SDLC
• Participate in risk assessments, threat modeling, and general vulnerability management including finding and documenting new vulnerabilities plus prioritizing remediation of open issues

What you bring to the table: 

• Expert in secure coding practices and demonstrated ability to write high-quality secure code
• Professional experience in securing SaaS products, cloud architecture, containers, and Java applications
• Ability to develop threat models, security assessments, and assist with architectural designs
• Familiarity with SAST, IAST, DAST, SCA tool setup and configuration
• Strong communication skills with a proclivity towards collaboration and building meaningful relationships
• Ability to document, communicate and uphold best practices in engineering, security, and design
• Software security related certifications or working toward them (CISSP, CSSLP, CCSP, GPEN, GWEB, GWAPT)

We’re honored to be valued at over $5.6 billion, but more importantly, we’re proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream. To learn more about Fivetran’s culture and what it’s like to be part of the team, click here and enjoy our video.

To learn more about our candidate privacy policy, you can read our statement here.