Sr Application Security Engineer

Remote - US

Applications have closed

BigID

Reduce risk, accelerate time to insight, and get data visibility and control across all your data - everywhere.

Who we are:

BigID is a data intelligence platform for data privacy, security and governance. We're leading innovation in all things data: with new, modern, and ML-driven solutions to age-old problems - helping customers drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.

Headquartered in New York City with a worldwide presence, we are building a global team with a passion for innovation and next-gen technology. BigID has been recognized for its data intelligence innovation as a World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, #19 on the 2021 Inc 5000 (the list of fastest growing private companies in America), and an RSA Innovation Sandbox winner.

At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.

Who we seek:

We are looking for a Sr Application Security Engineer, reporting to the CISO. The Sr Application Security Engineer will be a founding member of our Product Security team and will be crucial to the build-out of BigID’s Product Security function, while working alongside a rockstar team of Cloud and DevOps Engineers. This role will be responsible for developing Application Security workflows, training, and methodologies alongside already established software development practices. A successful candidate will understand and anticipate the needs of the business when proposing solutions and should be comfortable navigating an ambiguous environment with changing priorities.

What you’ll do:

  • Create design documents and security requirements for engineering projects
  • Work with engineering teams to ensure completion of security requirements 
  • Assess vulnerabilities and make recommendations on risk level and remediation techniques
  • Onboard new security tools, automate tools wherever possible, and work with the DevOps team to incorporate security tooling into standard developer workflows and pipelines
  • Build standards for and perform SAST, DAST, and threat modeling
  • Improve existing SDLC program requirements so security workflows are integrated with default development processes
  • Build out compliance controls and processes to adhere to compliance requirements (FedRAMP authorization, ISO, SOC 2, etc.)
  • Perform code reviews to assess security concerns in both design logic and implementation 
  • Perform customer calls and answer security questions on implementations and process workflows
  • Develop security training and education for software engineers as part of a Security Champion program

What you’ll bring: 

  • 5+ years’ experience in Application Security
  • Significant experience building out Security Champion/Engineering security concepts training
  • Strong engineering background with the ability to translate complex security concerns to engineering teams

What’s in it for you?! 

Our people are the foundation of our success, and we place a high priority on offering a wide range of benefits that make our team happier and healthier.

  • Equity participation - everyone shares in our success
  • Open vacation policy - take it when you need it 
  • Flexible work arrangements 
  • Medical, Dental, Vision, 401k - that go into effect your first day

Our Values:

We look for people who embody our values - Care, Do, Try & Shine.

  • Care - We care about our customers and each other
  • Do - We do what it takes to make a positive impact
  • Try - We try our best and we don’t give up
  • Shine - We shine and make it our mission to always stand out

Diversity & Inclusion: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying. Come as you are.


Tags: Application security Cloud Compliance DAST DevOps FedRAMP Governance Privacy Product security RSA SAST SDLC SOC 2 Vulnerabilities

Perks/benefits: Flex hours Flex vacation Health care

Regions: Remote/Anywhere North America
Country: United States