Senior Application Security Engineer
Nashville, TN (Hybrid) or Remote (United States)
Applications have closed
Built’s platform for the construction finance industry modernizes the movement of money between all stakeholders within the construction and real estate process to manage risk and maximize productivity. Built provides software, payments, B2B marketplace, and data solutions to more than 190 of the top financial institutions and hundreds of contractors throughout North America.
In addition to our recent $125M Series D funding and $1.5B valuation, we’re proud to have been named one of Forbes’ Best Startup Employers in America and one of The Tennessean’s 2022 Top Workplaces. Bringing on the “best talent in the world” is at the forefront of our continued growth trajectory—and we want you to be part of it.
Links:
- Series D Financing Round
- Built Upon 2021 Success
Primary Duties and Responsibilities:
- Work closely with engineering to help enable developers to produce secure code
- Analyze security gaps in software processes and controls; then design, implement, and deploy automation to close said gaps
- Validate findings from security scanning tools in the SDLC for static (SAST), dynamic (DAST), and open source application testing (SCA), and help validate and advise on remediations
- Help ensure implementation of software security standards
- Ensure secure practices for CI/CD systems as well as some infrastructure-as-code
- Test, replicate and validate security vulnerabilities in applications
- Secure Code Review
- Support for Secure Code audits and assessments
Skills and Specifications:
- Understand and be comfortable explaining OWASP top 10 vulnerabilities
- Proficiency in at least one programming language (Python, NodeJS preferred)
- Strong scripting language skills (Bash, PowerShell, etc.)
- An understanding of modern software development methodologies, and CI/CD solutions and processes
- Analytical skills, and strong creative and conceptual thinking skills
- Growth mindset, pushing toward excellence and focus on continuous improvements
Requirements:
- 5+ years in information security or in secure code development
- Experience working for a software development/SaaS/PaaS company preferred
- Demonstrated passion for information security via participation/leadership in conferences, webinars, Capture the Flag (CTF), TryHackMe, Bug Bounty, CVEs, and/or personal projects
- Security certifications (OSCP, GWEB, etc.) are nice but not required
Our company is made up of passionate people who are driven in a variety of disciplines—and each of them brings their unique perspective to everything they do. Creating a safe and inclusive workplace is critical to the success of our company and of our employees, so it’s our aim to recruit, hire and promote without bias against race, color, religion, sex, sexual orientation, gender identity, marital status, veteran status or any other status protected by applicable law. As we learn and as we grow, we’re committed to ensuring that these ideals are at the forefront of everything we do.
Tags: Application security Audits Automation Bash CI/CD CTF DAST Finance FinTech Node.js Open Source OSCP OWASP PaaS PowerShell Python SaaS SAST Scripting SDLC Vulnerabilities
Perks/benefits: Career development Competitive pay Conferences Equity Flex hours Flex vacation Health care Salary bonus Startup environment