Cloud Application Security Engineer
Pune, India
Coupa Software, Inc.
See all of your business spend in one place with Coupa to make cost control, compliance and anything spend management related easier and more effective.Do you want to work for Coupa Software, the world's leading provider of cloud-based spend management solutions? We’re a company that had a successful IPO in October 2016 (NASDAQ: COUP) to fuel our innovation and growth. At Coupa, we’re building a great company that is laser focused on three core values:
1. Ensure Customer Success – Obsessive and unwavering commitment to making customers successful.2. Focus On Results – Relentless focus on delivering results through innovation and a bias for action.3. Strive For Excellence – Commitment to a collaborative environment infused with professionalism, integrity, passion, and accountability.
Responsibilities:
- Penetration testing of web application, utilizing Mitre ATT&CK framework as well as OWASP top 10
- Analysis of application packages, including evaluating dependencies for vulnerabilities
- Receiving external penetration tests and vulnerability reports associated with our web application product and validating the same
- Developing / recommending remediation for findings
- Coordinate and monitor the bug bounty program, including validating potential findings and recommending rewards to lead engineer.
- Conduct Static code analysis using tools and validate findings
- Conduct Dynamic code analysis using tools and validate findings
- Assist with delivering the Application Security strategy, partnering and collaborating with developers and other security teams.
Required Skills and Abilities:
- Bachelor’s Degree in Computer Science or equivalent industry experience
- Penetration testing certification is recommended (CEH, GWEB, GPEN, OSCP)
- 1-3 years of experience required
- Experience with testing platforms such as Metasploit, Burp Suite, etc
- Experience with penetration testing
- Critical thinking skills (ability to solve complex problems)
- Scripting language skill, such as Python, Ba$h, Pearl, JavaScript
- Some development exposure, familiarity with .net and java recommended.
Preferred Skills:
- Advanced certification in penetration testing and exploit creation (such as OSCP)
- Experience with application development and delivery
- Knowledge of more programming languages, such as Go and Ruby
We take care of our employees every way we can, with competitive compensation packages, as well as restricted stock units, an Employee Stock Purchase Program (ESPP), comprehensive health benefits for employees and their families, retirement and savings plans with employer match, a flexible work environment, no limit vacations for exempt employees, non-exempt employees are on an accrual basis for PTO, catered lunches…And much more!
As part of our dedication to the diversity of our workforce, Coupa is committed to Equal Employment Opportunity without regard for race, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity or religion.
Please be advised, inquiries or resumes from recruiters will not be accepted.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Burp Suite CEH Cloud Code analysis Computer Science Exploit GPEN Java JavaScript Metasploit MITRE ATT&CK OSCP OWASP Pentesting Python Ruby Scripting Security strategy Strategy Vulnerabilities
Perks/benefits: Competitive pay Flex vacation Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs