Senior Application Security Engineer - #2487
Menlo Park, CA
We are hiring an Application Security Engineer for the newly formed Appsec team. In this role, you will work closely with engineering teams that build software to support all of Grail’s Commercial Cloud software applications, tools and critical Appsec services (IAM & AWS services). We are looking for folks who are excited about pragmatic risk, continuous operational improvement and customer-centric security experiences. This is an excellent opportunity to join a fast-paced, high-growth, high-impact group and apply new technologies and approaches to define, identify, evaluate, and maintain security for software solutions.
You Will:
- Work within a team of engineers to deliver new features and tools
- Work closely with product owners to transform roadmap items into functional software
- Develop, implement, and maintain identity and access management solutions and the AWS cloud platform.
- Improve identity and access management solutions and systems for efficiency and for protection against evolving threats.
- Coach other members of the organization on the best practices that should be followed in identity and access management
- Stay up-to-date on current IAM threats and industry solutions
- Uphold code reviews across all code platforms
- Take charge of the bug intake and remediation process for the organization
- Develop, configure and implement tooling to support DevSecOps processes including SAST, DAST, IAST, and SCA, in partnership with DevOps.
- Discover security exposures, develop mitigation plans, and report and fix technical debt
Your Background Includes:
- Strong AWS Security experience (AWS Certification is a huge plus) and Application Security Standards
- Programming skills in Java and Go
- Deep understanding of security principles including encryption, OAuth, etc.
- Extensive knowledge and experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management, etc.
- Comprehensive knowledge and experience with authentication standards and technologies such as multi-factor authentication, JSON Web Token (JWT), etc.
- Experience with Okta, Auth0 would be a plus
- Experience with SAST and DAST tools
- The ability to collaborate and communicate effectively in all areas of the organization
- Working closely with cross-functional teams (Engineering, DevOps, Product) while carrying out daily tasks
- Bachelor's or Master's degree in Computer Science, Electrical Engineering, Bioinformatics, or similar technical field
- Experience building and deploying applications to AWS or any cloud service provider would be a plus
Following extensive monitoring, consideration of business implications, and advice from internal and external experts, GRAIL US has made the decision to require that all U.S. employees be “Fully Vaccinated” with the COVID-19 vaccine and “Up to Date” with any recommended booster. “Fully Vaccinated” is defined as two weeks after both doses of a two-dose vaccine (e.g. Pfizer or Moderna) or two weeks since a single-dose vaccine (e.g. Johnson & Johnson) has been administered; "Up to Date" means having timely received any COVID-19 vaccine booster(s) in accordance with CDC guidelines. Absent a qualifying exemption, all GRAIL US employees are to comply with this requirement, including providing documentation of such vaccination status, as a condition of employment. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a medical condition or disability that prevents them from being vaccinated, can request a reasonable accommodation for consideration by GRAIL.
Tags: Application security AWS C Cloud Computer Science DAST DevOps DevSecOps Encryption IAM IAST Java JSON Monitoring Okta SAST SSO
Perks/benefits: Health care Startup environment