Lead Application Security Engineer

Provo, Utah, USA

Applications have closed

Arctic Wolf Networks

Arctic Wolf delivers dynamic 24x7 cybersecurity protection tailored to the specific needs of your organization. Ready to boost your security posture?

View company page

Ready to make an impact? Arctic Wolf is looking for a Lead Application Security Engineer to join our pack.

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity.

How fast are we growing? Well, Arctic Wolf was highly ranked in the Deloitte Fast Technology 500 for NorthAmerica in both 2019 (#25) and 2020 (#104)! We have doubled headcount, customers, and revenue for five years running. We are also cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow our teams globally.

In fact, we were named a 2021 Top Workplace USA (Energage) as the top technology firm to work in our size category, were recognized as one of the 2020 Best Places to Work (bizjournals.com), and most recently were certified as a 2021 Great Place to Work (Great Places to Work Institute, Canada). Arctic Wolf believes in corporate responsibility, and our worldwide offices proudly participate in volunteer programs throughout their communities. We’ve also earned distinction from TravelWise for our efforts in promoting sustainable transportation.

Position Overview and Objective

The Lead Application Security Engineer role is responsible for the implementation of measures to ensure the security of Arctic Wolf software systems, applications, code, and related components. This role will work within our Information Security Engineering team to deploy and operationalize technical security capabilities with open collaboration with the Research and Development Team.

Primary Responsibilities and Duties

  • Develop secure coding & secure design principles
  • Train developers, architects, code reviewers, and others on secure coding practices
  • Serve as the subject matter expert for Application Security, providing guidance to Engineering and Product teams
  • Develop standards and training for security testing tools focused on the application layer (e.g., SAST, DAST, IAST, SCA), threat modeling, penetration testing, red team, bug bounty and
  • Work with development teams throughout the entire SDLC to ensure code is secure by design, secure by default, secure in deployment and communication
  • Help software development teams to understand, and remediate security findings
  • Research any reported or suspected application vulnerabilities
  • Implement and configure off-the-shelf application security technologies in the Arctic Wolf internal environment.
  • Create technical approaches to implementing application security control technologies.
  • Contribute to a world-class security program that supports Arctic Wolf’s tremendous growth.
  • Mentors and coaches team members to further develop competencies
  • Assist in developing security related libraries used in our environment
  • Security metrics delivery and improvements.
  • The ability to effectively partner and communicate with Engineering and Product teams

Key Skills

Communication, Threat modeling, Code Review, Penetration Testing, Application Testing, Research

Key Competencies

  • Is able to write clearly and succinctly in a variety of communication settings and styles; can get messages across that have the desired effect.
  • Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.
  • Comes up with a lot of new and unique ideas; easily makes connections among previously unrelated notions; tends to be seen as original and value-added in brainstorming settings.

Minimum Qualifications

  • A Bachelor’s Degree in Computer Science, Information Systems, Engineering, cybersecurity or related technical field; or equivalent experience.
  • 7+ years of experience in security or infrastructure engineering Including assessing and escalating to vendors for troubleshooting purposes.
  • Thorough Understanding of modern software development practices
  • Thorough understanding of OWASP Top 10 vulnerabilities and corresponding best practices for mitigation
  • Experience in deploying application security technologies such as SAST, DAST, IAST, SCA, etc.

Preferred Qualifications

  • Familiarity with cloud infrastructures, with Amazon Web Services (AWS) and/or Azure considered a strong plus.
  • Analytical and quantitative skills with proven experience in developing strategic solutions
  • Significant prior experience securing large-scale web applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws
  • Experience working in a regulated environments (SOX, ISO 27001, etc)

Security Requirements:

  • Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information.
  • Background checks are required for this position

About us:

At Arctic Wolf, we recognize that success comes from delighting our customers. We believe in being lean – in constantly building, measuring, and learning in all aspects of our business. We truly value people. All wolves are welcome to join the Arctic Wolf pack, with compelling compensation packages, benefits, and equity for employees.

Arctic Wolf is focused on building a workforce that is diverse and inclusive. If you’re excited about this role, but do not meet all of the qualifications listed above, we encourage you to apply. We review all applications.  

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.

Arctic Wolf is committed to fostering a welcoming, accessible, respectful and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com

Tags: Application security AWS Azure Cloud Computer Science DAST IAST ISO 27001 OWASP Pentesting Red team SAST SDLC Vulnerabilities

Perks/benefits: Career development Equity

Region: North America
Country: United States
Job stats:  5  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.