Application Security Engineer II
Boston, MA, United States
Company Description
As the industry leader in compensation management, Payscale is on a mission to help job seekers, employees and businesses get pay right, and make sustainable fair pay a reality. Empowering more than 53 percent of the Fortune 500 in 198 countries, Payscale provides a combination of data-driven insights, best-in-class services, and innovative software to enable organizations such as Angel City Football Club, Perry Ellis International, United Healthcare, Vista, and The Washington Post to make fair and appropriate pay decisions. Pay is powerful. To learn more, visit www.payscale.com
Voted Seattle’s and Boston’s best places to work according to Built In 2022.
Voted one of Seattle’s companies with the best benefits according to Built In 2022.
Job Description
In this role, you will:
Payscale is changing the way companies attract and retain top talent through innovative compensation-based tools and analytics.
Payscale is looking for an Application Security Engineer II to join our Application Security initiatives. You will play a key role in finding and fixing application security issues along with helping define a Secure Software Development Lifecycle (SSDLC). The right individual for this role will be experienced with software development, static and dynamic scanning tools, and application security. If you thrive by working in a fast-paced environment and securing applications, consider this opportunity as the next level in your professional development.
PRIMARY RESPONSIBILITIES:
- Execute various levels of security testing on source code and web applications
- Automate application scanning and vulnerability assessment processes to support CI/CD releases
- Validate identified security issues within applications and subsequently recommend fixes
- Work with Development and QA Teams to reproduce and resolve application security issues
- Work with Product Team to prioritize application security findings
- Work with Product Teams to ensure features and functionality conform to security requirements
- Support internal audit controls related to application security
Qualifications
We’d love to talk with you if:
- Bachelor’s degree required
- 3-5 years of work experience, preferably in a technology-based company (SaaS experience a plus)
- Experience working with multiple teams including Development, QA, Product, and Security
- Strong understanding of secure web application design principles and frameworks such as OWASP
- Understanding of development security concepts such as sanitization, input/output validation, and trusted types
- Experience with securing application cloud services
- Experience with WAF and WAF rulesets such as AWS WAF, Azure WAF, or Signal Sciences
- Experience finding and validating insecure application features and code
- Experience with SAST and DAST scanning (ex. GitLab, Snyk, Veracode, Netsparker)
- Experience with application exploitation tools such as Metasploit or Burp Suite
- Experience with containerization security practices a plus
- Security certification such as OSCP, GWAPT, or CompTIA PenTest+
Additional Information
In the spirit of pay transparency, we are excited to share the base salary range for this position is $90,400 - $147,800, exclusive of fringe benefits or potential bonuses. This position is also eligible for an annual corporate bonus of 10%. If you are hired at Payscale, your final base salary compensation will be determined based on factors such as geographic location, skills, education, and/or experience. In addition to those factors – we believe in the importance of pay equity and consider internal equity of our current team members as a part of any final offer. Please keep in mind that the range mentioned above is the full base salary range for the role. Hiring at the maximum of the range would not be typical in order to allow for future & continued salary growth. We also offer a generous compensation and benefits package (more information on benefits listed below).
Benefits and Perks
The Highlights:
All around awesome culture where together we strive to:
- Pursue excellence every day
- Create customer value
- Compete to win (and lose!) as a team
An open and inclusive culture where you’ll learn and grow through programs and resources like:
- Monthly company all hands meetings
- Regular opportunities for executive leadership exposure
- Access to top-notch learning courses through LinkedIn Learning
- Regular manager check-ins to drive performance and career growth
- A growing network of employee resource groups
- And more!
Our more standard benefits *US
- A flexible company culture where you’re able to work primarily from your home, with company-provided equipment to set you up for success
- Discretionary Paid Time Off, giving you flexibility to rest, relax and recharge away from work.
- 15 Paid Company Holidays, including an extended Fourth of July Break, World Mental Health Day, and Juneteenth
- A comprehensive benefits plan including medical, dental, life, vision, disability and life insurance covered up to 100% by Payscale
- 401(k) retirement program with a fully vested immediate company match
- 12 weeks of paid parental leave
- Flexible Spending Account options for pre-tax employee allocations
Equal Opportunity Employer:
We embrace equal employment opportunity. PayScale is committed to a policy of equal employment opportunity for all applicants and employees. It is our policy that employees will not be subjected to unlawful discrimination on the basis of race, color, religion, sex, age, national origin, or ancestry, physical or mental disability, veteran or military status, marital status, sexual orientation, political ideology, and any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including but not limited to: recruitment, hiring, transfers, promotions, training, discipline, termination, compensation and benefits, performance appraisals, education, and social and recreational programs.
Tags: Analytics Application security AWS Azure Burp Suite CI/CD Cloud CompTIA DAST GWAPT Metasploit OSCP OWASP SaaS SAST Veracode
Perks/benefits: 401(k) matching Career development Equity Flex hours Flexible spending account Flex vacation Gear Health care Insurance Medical leave Parental leave Salary bonus Startup environment