Lead Application Security Engineer
Provo, Utah, USA
Applications have closed
Arctic Wolf Networks
Arctic Wolf delivers dynamic 24x7 cybersecurity protection tailored to the specific needs of your organization. Ready to boost your security posture?Ready to make an impact? Arctic Wolf is looking for a Lead Application Security Engineer to join our pack.
Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity.
How fast are we growing? Well, Arctic Wolf was highly ranked in the Deloitte Fast Technology 500 for NorthAmerica in both 2019 (#25) and 2020 (#104)! We have doubled headcount, customers, and revenue for five years running. We are also cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow our teams globally.
In fact, we were named a 2021 Top Workplace USA (Energage) as the top technology firm to work in our size category, were recognized as one of the 2020 Best Places to Work (bizjournals.com), and most recently were certified as a 2021 Great Place to Work (Great Places to Work Institute, Canada). Arctic Wolf believes in corporate responsibility, and our worldwide offices proudly participate in volunteer programs throughout their communities. We’ve also earned distinction from TravelWise for our efforts in promoting sustainable transportation.
Position Overview and Objective
The Lead Application Security Engineer role is responsible for the implementation of measures to ensure the security of Arctic Wolf software systems, applications, code, and related components. This role will work within our Information Security Engineering team to deploy and operationalize technical security capabilities with open collaboration with the Research and Development Team.
Primary Responsibilities and Duties
- Develop secure coding & secure design principles
- Train developers, architects, code reviewers, and others on secure coding practices
- Serve as the subject matter expert for Application Security, providing guidance to Engineering and Product teams
- Develop standards and training for security testing tools focused on the application layer (e.g., SAST, DAST, IAST, SCA), threat modeling, penetration testing, red team, bug bounty and
- Work with development teams throughout the entire SDLC to ensure code is secure by design, secure by default, secure in deployment and communication
- Help software development teams to understand, and remediate security findings
- Research any reported or suspected application vulnerabilities
- Implement and configure off-the-shelf application security technologies in the Arctic Wolf internal environment.
- Create technical approaches to implementing application security control technologies.
- Contribute to a world-class security program that supports Arctic Wolf’s tremendous growth.
- Mentors and coaches team members to further develop competencies
- Assist in developing security related libraries used in our environment
- Security metrics delivery and improvements.
- The ability to effectively partner and communicate with Engineering and Product teams
Key Skills
Communication, Threat modeling, Code Review, Penetration Testing, Application Testing, Research
Key Competencies
- Is able to write clearly and succinctly in a variety of communication settings and styles; can get messages across that have the desired effect.
- Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.
- Comes up with a lot of new and unique ideas; easily makes connections among previously unrelated notions; tends to be seen as original and value-added in brainstorming settings.
Minimum Qualifications
- A Bachelor’s Degree in Computer Science, Information Systems, Engineering, cybersecurity or related technical field; or equivalent experience.
- 7+ years of experience in security or infrastructure engineering Including assessing and escalating to vendors for troubleshooting purposes.
- Thorough Understanding of modern software development practices
- Thorough understanding of OWASP Top 10 vulnerabilities and corresponding best practices for mitigation
- Experience in deploying application security technologies such as SAST, DAST, IAST, SCA, etc.
Preferred Qualifications
- Familiarity with cloud infrastructures, with Amazon Web Services (AWS) and/or Azure considered a strong plus.
- Analytical and quantitative skills with proven experience in developing strategic solutions
- Significant prior experience securing large-scale web applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws
- Experience working in a regulated environments (SOX, ISO 27001, etc)
Security Requirements:
- Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information.
- Background checks are required for this position
About us:
At Arctic Wolf, we recognize that success comes from delighting our customers. We believe in being lean – in constantly building, measuring, and learning in all aspects of our business. We truly value people. All wolves are welcome to join the Arctic Wolf pack, with compelling compensation packages, benefits, and equity for employees.
Arctic Wolf is focused on building a workforce that is diverse and inclusive. If you’re excited about this role, but do not meet all of the qualifications listed above, we encourage you to apply. We review all applications.
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.
Arctic Wolf is committed to fostering a welcoming, accessible, respectful and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.
Tags: Application security AWS Azure Cloud Computer Science DAST IAST ISO 27001 OWASP Pentesting Red team SAST SDLC Vulnerabilities
Perks/benefits: Career development Equity
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs