Application Security Engineer
United States, Remote
Applications have closed
6sense Insights, Inc.
The Company:
It’s no surprise that 6sense is named a top workplace year after year — we have industry-leading technology developed and taken to market by a world-class team. 6sense is Top Rated on Glassdoor with a 4.9/5 and our CEO Jason Zintak was recognized as the #1 CEO in the small & medium business category by Glassdoor’s 2021 Top CEO Employees Choice Awards.
In 2021, the company was recognized for having the Best Company for Diversity, Best Company for Women, Best CEO, Best Company Culture, Best Company Perks & Benefits and Happiest Employees from the employee feedback platform Comparably. In addition, 6sense has also won several accolades that demonstrate its reputation as an employer of choice including the Glassdoor Best Place to Work (2022), TrustRadius Tech Cares (2021) and Inc. Best Workplaces (2022, 2021, 2020, 2019).
6sense reinvents the way organizations create, manage, and convert pipeline to revenue. The 6sense Revenue AI captures anonymous buying signals, predicts the right accounts to target at the ideal time, and recommends the channels and messages to boost revenue performance. Removing guesswork, friction and wasted sales effort, 6sense empowers sales, marketing, and customer success teams to significantly improve pipeline quality, accelerate sales velocity, increase conversion rates, and grow revenue predictably.
The Team:
Come join a growing security team that is driven to design and improve platform security through innovation, automation, and excellence. This position will handle technical and complex duties in the areas of application security. Defending against code vulnerabilities such as injection flaws, cross-site scripting and security misconfigurations to prevent data exfiltration is of utmost importance to our company and our customers. Join the team that will drive the building and adoption of new security tools and technologies while supporting day-to-day security activities, including threat modeling, code reviews, application vulnerability testing and remediation.
What we’re looking for:
Application Security Engineers are charged with making security scalable, usable, continuous and native as well as being a first responder to potential security incidents. If finding security vulnerabilities and engineering solutions for them sounds like a day of fun, then this is the role for you.
In this role, you will:
- Implement and maintain manual and automated testing tools and processes for static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST) and interactive application security testing (IAST)
- Plan, scope and execute application security reviews and engage with product teams and developers to clarify security requirements
- Patch vulnerabilities in code and systems, working with other Engineering teams to do so if necessary
- Identify areas for automation and implement security tool integration into CI/CD pipelines to increase security testing coverage
- Establish metrics and implement reporting to track coverage and effectiveness of security testing
- Conduct threat modeling and risk analysis to identify gaps, find security bugs and help teams develop mitigation plans
- Improve the security posture of 6sense products by influencing the architecture, design and development via design input or code review.
- Mentor software engineers and act as a subject matter expert for security issues and provide guidance on best practices
- Work with cross-functional teams to influence priority of security features and controls, with minimal authority or supervision.
- Research emerging threats, publicly disclosed vulnerabilities or attack vectors and proactively push mitigating controls to products and services.
- Maintain and improve overall company security posture
- Work with internal teams and auditors to maintain compliance certifications (e.g. SOC2, GDPR)
What you’ll bring to this role:
- Strong working knowledge in the domains of Web, Application and Infrastructure Security, OWASP Top 10, SSL/TLS, PKI and practical cryptography usage.
- Experience integrating SAST, SCA, DAST and IAST solutions into development lifecycle and CI/CD pipeline
- Ability to understand code level issues and promote secure coding practices for one or more languages like Java, JavaScript, Python, and SQL.
- Hands-on experience performing threat modeling, risk assessments and architecture reviews for complex products.
- Experience with security testing tools (e.g. Vulnerability Scanners, Pen Testing Tools)
- 2+ years experience on an internal security team
- 2+ years coding / software engineering experience (e.g. Python, Java, Javascript)
- Experience with Docker
- Strong communication skills - you may need to explain security concepts to non-technical audiences
Why you’re a great fit:
- Pen testing experience
- AWS/GCP/Azure certified developer OR
- Certified Application Security Engineer (CASE) OR
- Certified Application Security Specialist (CASS) OR
- Certified Secure Software Lifecycle Professional (CSSLP) OR
- GIAC Certified Web Application Defender (GWEB)
- Familiarity with security and privacy frameworks and regulations (e.g. SOC, PCI, ISO, GDPR, CCPA)
Every person in every role at 6sense owns a part of defining the future of our industry-leading technology. You’ll join a team where curiosity is prized, no one’s satisfied with the status quo, and everyone’s all-in on the collective good. 6sense is a place where difference-makers roll up their sleeves, take risks, act with integrity, and measure success by the value we create for our customers.
We want 6sense to be the best chapter of your career.
Feel part of something
You’ll be part of building tomorrow’s tech, revolutionizing how marketing and sales teams create, manage, and convert pipeline to revenue. And you’ll be seen and appreciated by co-workers who challenge you, cheer you on, and always have your back.
At 6sense, you’ll experience the passion from customers and colleagues alike for our market-leading vision, and you're entrusted with applying your unique talents to help bring that vision to life.
Build a career
As part of a company on a rocketship trajectory, there’s no way around it: You’re going to experience unparalleled career growth. With colleagues as humble and hungry as you are, and a leadership philosophy grounded in trust, transparency, and empowerment, every day is a chance to improve on the one before.
Enjoy access to our Udemy Training Library with 5,000+ courses, give and get recognition from your coworkers, and spend time with our executive team every two weeks in our All Hands gathering to connect, learn and ask leaders about whatever is on your mind.
Enjoy work, and your life
This is a place where you’ll do your best work and inspire others to do theirs — where you’re guaranteed to make real connections, for life, along the way.
We want to help you prioritize health and wellness, today and tomorrow. Take advantage of family medical coverage; a monthly stipend to support your physical, mental, and financial wellness; and generous paid parental leave benefits. Plus, we have an open time-off policy, so you can take the time you need.
Set for success
A vision as big as ours only comes to life when we’re all winning together.
We’ll make sure you have the equipment you need to work at home or in one of our offices. And have the right snacks, pens or lighting with our work-from-home expense reimbursement allowance. We also partner with WeWork to make sure that if your choice is a hybrid of home and office, we have you covered in the locations they’re offered.
That’s the commitment we make to every one of our employees. If this sounds like a place where you'll thrive as you take your success to the next level, let’s chat!
6sense is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to jobs@6sense.com.
Tags: Application security Automation AWS Azure CCPA CI/CD Compliance Cryptography DAST Docker GCP GDPR GIAC IAST Java JavaScript OWASP Pentesting PKI Privacy Python Risk analysis Risk assessment SAST Scripting SOC SOC 2 SQL TLS Vulnerabilities XSS
Perks/benefits: Career development Flex vacation Gear Health care Home office stipend Medical leave Parental leave Team events Wellness