Senior Application Security Engineer
New York, NY
Yext (NYSE: YEXT) is building the next big thing in AI search, and the next big thing is answers.
With the explosion of information and data online, search has never been more important. However, while the world of consumer search has innovated over time, enterprise search has not. In fact, the majority of enterprise search is powered by outdated keyword technology that only scans for keywords and delivers a list of hyperlinks rather than actually answering questions. Yext, the AI Search Company, offers a modern, AI-powered Answers Platform that understands natural language so that when people ask questions about a business online they get direct answers – not links.
We have a big, audacious mission to transform the enterprise with AI search. To achieve that, we need bright minds and diverse perspectives to join our growing company and help us continue to disrupt an industry. Does this sound like you?
Yext is actively seeking a Senior Application Security Engineer reporting into the Security Office. This role will serve as a technical subject matter expert in various key areas of the product and software platform for the Application Security team such as Threat modeling, Secure code review, penetration testing and other post-deployment security monitoring. This role will enable the product and engineering teams to make the right security & privacy decisions by performing reviews, assessments and other offensive exercises and recommending best practices. This role will also help assist the Application Security leader drive the culture and awareness within Yext around Security practices and compliance initiatives.
In today's dynamic threat environment, software firms are increasingly acknowledged as a highly-targeted industry for cyberattack due to the confidentiality and sensitivity of customer data, as well as the immediacy in which that data is needed to perform their operational duties. Given Yext’s vital role within the software ecosystem, protection of data is paramount in ensuring high-trust relationships with customers, partners and vendors.
What You'll Do
- Design and implement security practices and standards across product and application environments
- Threat Modeling systems and applications and performing security reviews
- Perform detailed penetration tests of web and mobile infrastructure
- Identifying security risks and developing mitigation strategies
- Develop tooling and automation to facilitate continual testing and increase coverage of penetration tests and other security assessments
- Develop system design and software best practices for engineering teams
- Provide guidance for secure coding practices and proactive controls based on OWASP Top 10 and CIS Controls
- Contribute to creation of security training and delivery to internal teams
- Assist in the analysis and response to bug bounty programs
What You Have
- Bachelor’s Degree in Information Technology or related field of study.
- 5 - 7 years of relevant work experience in Development or Security Engineering teams.
- Experience in software development, ability to guide and mentor a technical engineering team in coding and scripting best practices.
- Good understanding of modern application security frameworks and offensive security toolkits.
- Self-motivated team player that is energetic, with excellent interpersonal and organizational skills
- Strong leadership and negotiation skills with technical groups.
- Experience presenting to development and architecture teams on security recommendations
- Strong problem-solving, critical thinking and analytical skills.
- High degree of flexibility, independence, initiative, and detail orientation.
- Ability to present complex ideas in easy-to-understand language
Yext is committed to building an inclusive and diverse culture where every person is seen, heard and valued. We believe in equal employment opportunity and welcome employees and applicants of all races, colors, ethnicities, religions, creeds, national origins, ancestries, genetics, sexes, pregnancy or childbirth, sexual orientations, genders (including gender identity or nonbinary or nonconformity and/or status as a trans individual), ages, physical or mental disabilities, citizenships, marital, parental and/or familial status, past, current or prospective service in the uniformed services, or any characteristic protected under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you require a reasonable accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open SOC Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Architect Jobs
- Open IT Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Staff Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open IAM Engineer Jobs
- Open Software Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Senior Incident Response Analyst Jobs
- Open DevOps Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Privacy Manager Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Analyst Jobs
- Open NIST-related jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Splunk-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs
- Open PowerShell-related jobs
- Open Unix-related jobs
- Open DNS-related jobs