Sr Application Security Engineer
Remote - US
Applications have closed
BigID
Reduce risk, accelerate time to insight, and get data visibility and control across all your data - everywhere.
Who we are:
BigID is a data intelligence platform for data privacy, security and governance. We're leading innovation in all things data: with new, modern, and ML-driven solutions to age-old problems - helping customers drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.
Headquartered in New York City with a worldwide presence, we are building a global team with a passion for innovation and next-gen technology. BigID has been recognized for its data intelligence innovation as a World Economic Forum Technology Pioneer, named to the 2021 Forbes Cloud 100, #19 on the 2021 Inc 5000 (the list of fastest growing private companies in America), and an RSA Innovation Sandbox winner.
At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.
Who we seek:
We are looking for a Sr Application Security Engineer, reporting to the CISO. The Sr Application Security Engineer will be a founding member of our Product Security team and will be crucial to the build out of BigID’s Product Security function, while working alongside a rockstar team of Cloud and DevOps Engineers. This role will be responsible for developing Application Security workflows, training, and methodologies alongside already established software development practices. A successful candidate will understand and anticipate the needs of the business when proposing solutions and should be comfortable navigating an ambiguous environment with changing priorities.
What you’ll do:
- Create design documents and security requirements for engineering projects
- Work with engineering teams to ensure completion of security requirements
- Assess vulnerabilities and make recommendations on risk level and remediation techniques
- Onboard new security tools, automate tools wherever possible, and work with the DevOps team to incorporate security tooling into standard developer workflows and pipelines
- Build standards for and perform SAST, DAST, and threat modeling
- Improve existing SDLC program requirements so security workflows are integrated with default development processes
- Build out compliance controls and processes to adhere to compliance requirements (FedRAMP authorization, ISO, SOC 2, etc.)
- Perform code reviews to assess security concerns in both design logic and implementation
- Perform customer calls and answer security questions on implementations and process workflows
- Develop security training and education for software engineers as part of a Security Champion program
What you’ll bring:
- 5+ years’ experience in Application Security
- Significant experience building out Security Champion/Engineering security concepts training
- Strong engineering background with the ability to translate complex security concerns to engineering teams
What’s in it for you?!
Our people are the foundation of our success, and we place a high priority on offering a wide range of benefits that make our team happier and healthier.
- Equity participation - everyone shares in our success
- Open vacation policy - take it when you need it
- Flexible work arrangements
- Medical, Dental, Vision, 401k - that go into effect your first day
Our Values:
We look for people who embody our values - Care, Do, Try & Shine.
- Care - We care about our customers and each other
- Do - We do what it takes to make a positive impact
- Try - We try our best and we don’t give up
- Shine - We shine and make it our mission to always stand out
Diversity & Inclusion: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying. Come as you are.
Tags: Application security Cloud Compliance DAST DevOps FedRAMP Governance Privacy Product security RSA SAST SDLC SOC 2 Vulnerabilities
Perks/benefits: Flex hours Flex vacation Health care