Application Security Engineer

United States, Remote

Applications have closed

The Company:

It’s no surprise that 6sense is named a top workplace year after year — we have industry-leading technology developed and taken to market by a world-class team. 6sense is Top Rated on Glassdoor with a 4.9/5 and our CEO Jason Zintak was recognized as the #1 CEO in the small & medium business category by Glassdoor’s 2021 Top CEO Employees Choice Awards.

In 2021, the company was recognized for having the Best Company for Diversity, Best Company for Women, Best CEO, Best Company Culture, Best Company Perks & Benefits and Happiest Employees from the employee feedback platform Comparably. In addition, 6sense has also won several accolades that demonstrate its reputation as an employer of choice including the Glassdoor Best Place to Work (2022), TrustRadius Tech Cares (2021) and Inc. Best Workplaces (2022, 2021, 2020, 2019).

6sense reinvents the way organizations create, manage, and convert pipeline to revenue. The 6sense Revenue AI captures anonymous buying signals, predicts the right accounts to target at the ideal time, and recommends the channels and messages to boost revenue performance. Removing guesswork, friction and wasted sales effort, 6sense empowers sales, marketing, and customer success teams to significantly improve pipeline quality, accelerate sales velocity, increase conversion rates, and grow revenue predictably.

The Team:

Come join a growing security team that is driven to design and improve platform security through innovation, automation, and excellence. This position will handle technical and complex duties in the areas of application security. Defending against code vulnerabilities such as injection flaws, cross-site scripting and security misconfigurations to prevent data exfiltration is of utmost importance to our company and our customers. Join the team that will drive the building and adoption of new security tools and technologies while supporting day-to-day security activities, including threat modeling, code reviews, application vulnerability testing and remediation.

What we’re looking for:

Application Security Engineers are charged with making security scalable, usable, continuous and native as well as being a first responder to potential security incidents. If finding security vulnerabilities and engineering solutions for them sounds like a day of fun, then this is the role for you.

In this role, you will:

  • Implement and maintain manual and automated testing tools and processes for static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST) and interactive application security testing (IAST)
  • Plan, scope and execute application security reviews and engage with product teams and developers to clarify security requirements
  • Patch vulnerabilities in code and systems, working with other Engineering teams to do so if necessary
  • Identify areas for automation and implement security tool integration into CI/CD pipelines to increase security testing coverage
  • Establish metrics and implement reporting to track coverage and effectiveness of security testing
  • Conduct threat modeling and risk analysis to identify gaps, find security bugs and help teams develop mitigation plans
  • Improve the security posture of 6sense products by influencing the architecture, design and development via design input or code review.
  • Mentor software engineers and act as a subject matter expert for security issues and provide guidance on best practices
  • Work with cross-functional teams to influence priority of security features and controls, with minimal authority or supervision.
  • Research emerging threats, publicly disclosed vulnerabilities or attack vectors and proactively push mitigating controls to products and services.
  • Maintain and improve overall company security posture
  • Work with internal teams and auditors to maintain compliance certifications (e.g. SOC2, GDPR)

What you’ll bring to this role:

  • Strong working knowledge in the domains of Web, Application and Infrastructure Security, OWASP Top 10, SSL/TLS, PKI and practical cryptography usage.
  • Experience integrating SAST, SCA, DAST and IAST solutions into development lifecycle and CI/CD pipeline
  • Ability to understand code level issues and promote secure coding practices for one or more languages like Java, JavaScript, Python, and SQL.
  • Hands-on experience performing threat modeling, risk assessments and architecture reviews for complex products.
  • Experience with security testing tools (e.g. Vulnerability Scanners, Pen Testing Tools)
  • 2+ years experience on an internal security team
  • 2+ years coding / software engineering experience (e.g. Python, Java, JavaScript)
  • Experience with Docker
  • Strong communication skills - you may need to explain security concepts to non-technical audiences

Why you’re a great fit:

  • Pen testing experience
  • AWS/GCP/Azure certified developer OR
  • Certified Application Security Engineer (CASE) OR
  • Certified Application Security Specialist (CASS) OR
  • Certified Secure Software Lifecycle Professional (CSSLP) OR
  • GIAC Certified Web Application Defender (GWEB)

Familiarity with security and privacy frameworks and regulations (e.g. SOC, PCI, ISO, GDPR, CCPA)

Every person in every role at 6sense owns a part of defining the future of our industry-leading technology. You’ll join a team where curiosity is prized, no one’s satisfied with the status quo, and everyone’s all-in on the collective good. 6sense is a place where difference-makers roll up their sleeves, take risks, act with integrity, and measure success by the value we create for our customers.

We want 6sense to be the best chapter of your career.

Feel part of something

You’ll be part of building tomorrow’s tech, revolutionizing how marketing and sales teams create, manage, and convert pipeline to revenue. And you’ll be seen and appreciated by co-workers who challenge you, cheer you on, and always have your back.

At 6sense, you’ll experience the passion from customers and colleagues alike for our market-leading vision, and you're entrusted with applying your unique talents to help bring that vision to life.

Build a career

As part of a company on a rocketship trajectory, there’s no way around it: You’re going to experience unparalleled career growth. With colleagues as humble and hungry as you are, and a leadership philosophy grounded in trust, transparency, and empowerment, every day is a chance to improve on the one before.

Enjoy access to our Udemy Training Library with 5,000+ courses, give and get recognition from your coworkers, and spend time with our executive team every two weeks in our All Hands gathering to connect, learn and ask leaders about whatever is on your mind.

Enjoy work, and your life

This is a place where you’ll do your best work and inspire others to do theirs — where you’re guaranteed to make real connections, for life, along the way.

We want to help you prioritize health and wellness, today and tomorrow. Take advantage of family medical coverage; a monthly stipend to support your physical, mental, and financial wellness; and generous paid parental leave benefits. Plus, we have an open time-off policy, so you can take the time you need.

Set for success 

A vision as big as ours only comes to life when we’re all winning together.

We’ll make sure you have the equipment you need to work at home or in one of our offices. And have the right snacks, pens or lighting with our work-from-home expense reimbursement allowance. We also partner with WeWork to make sure that if your choice is a hybrid of home and office, we have you covered in the locations they’re offered.

That’s the commitment we make to every one of our employees. If this sounds like a place where you'll thrive as you take your success to the next level, let’s chat!

 

6sense is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to jobs@6sense.com.

Tags: Application security Automation AWS Azure CCPA CI/CD Compliance Cryptography DAST Docker GCP GDPR GIAC IAST Java JavaScript OWASP Pentesting PKI Privacy Python Risk analysis Risk assessment SAST Scripting SOC SOC 2 SQL TLS Vulnerabilities XSS

Perks/benefits: Career development Flex vacation Gear Health care Home office stipend Medical leave Parental leave Team events Wellness

Regions: Remote/Anywhere North America
Country: United States