Engineering Manager - Product/Application Security 🇺🇸
Remote - US
Applications have closed
Couchbase, Inc.
Couchbase is the NoSQL cloud database platform for business-critical applications. Fast with SQL familiarity and JSON flexibility.
Key Responsibilities:
- Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; advise on and implement secure software architecture patterns.
- Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
- Integrate application security tools within existing development, build and deployment processes.
- Conduct dynamic and static code scan reviews and run-time tests.
- Assist with the planning and execution of application penetration tests.
- Interface and collaborate with Engineering, Cloud and SOC teams during security incidents.
- Define and enforce IAM guidelines.
- Champion the remediation of security vulnerabilities in the products within defined SLAs.
- Assist in completing RFP security questionnaires.
- Define and establish a bug bounty program.
Qualifications:
- BS in Computer Science, Information Security, or a related field.
- 6-8+ years’ experience focused in the areas of software engineering, application security, cloud security and related disciplines.
- Solid understanding of current secure coding principles (e.g., OWASP Top 10, OWASP SAMM) and Agile software development practices.
- Familiarity with a variety of software development and automation tools (e.g., GitHub, Jira, Jenkins, Qualys, SonarQube, Veracode, Black Duck, etc.).
- A good understanding of threat modeling and how to mitigate application security risks.
- Knowledge of vulnerability management including CVSS scoring and CVEs across open source and third-party software and supply chains.
- Strong understanding of various types of cloud service models (IaaS, PaaS, SaaS).
- In addition, a good understanding of security features in AWS, Azure and GCP infrastructure.
- Good understanding of SSO, including OAuth and SAML; database and mobile security experience a plus.
- Industry Certifications such as CISSP, CISM, AWS Certified Security, Azure Security, Google Cloud Security Engineer are considered a plus.
- Highly effective written and oral communication skills.
- Strong project management skills and ability to work independently on engagements.
About Couchbase
At Couchbase, we believe data is at the heart of the enterprise. We empower developers and architects to build, deploy, and run their most mission-critical applications. Couchbase delivers a high-performance, flexible and scalable modern database that runs across the data center and any cloud. Many of the world’s largest enterprises rely on Couchbase to power the core applications their businesses depend on.
As a 2021 Bay Area Best Places to Work winner, Couchbase recognizes the need for time off when you need it. Enjoy unlimited time off (DTO), matching 401K contributions, ESPP and many other amazing benefits. See more of our recent awards to learn what makes Couchbase such a great company to work at.
Learn more about Couchbase and our technical capabilities:
- Compare Couchbase vs. MongoDB
- Compare Couchbase vs. Oracle
- Browse the Developer Portal
Couchbase is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
By using this website and submitting your information, you acknowledge our Candidate Privacy Notice and understand your personal information may be processed in accordance with our Candidate Privacy Notice.
Tags: Agile Application security Automation AWS Azure CISM CISSP Cloud Compliance Computer Science CVSS GCP GitHub IaaS IAM Jira Mobile security MongoDB Open Source Oracle OWASP PaaS Privacy Product security Qualys SaaS SAML SAMM SDLC SLAs SOC SSO Veracode Vulnerabilities Vulnerability management
Perks/benefits: Career development Flex vacation Unlimited paid time off