Application Security Engineer
Pune, India
Coupa Software, Inc.
See all of your business spend in one place with Coupa to make cost control, compliance and anything spend management related easier and more effective.Do you want to work for Coupa Software, the world's leading provider of cloud-based spend management solutions? We’re a company that had a successful IPO in October 2016 (NASDAQ: COUP) to fuel our innovation and growth. At Coupa, we’re building a great company that is laser focused on three core values:
1. Ensure Customer Success – Obsessive and unwavering commitment to making customers successful.2. Focus On Results – Relentless focus on delivering results through innovation and a bias for action.3. Strive For Excellence – Commitment to a collaborative environment infused with professionalism, integrity, passion, and accountability.
About the role:
- Expand the application security landscape at Coupa
- Being a hands-on developer is a key responsibility in this role
- Software development skills in at least two from Ruby, Go, Java, Python and Javascript is required
- Ability to perform code reviews and mentor team members
- Passion for building security-focused features that perform at scale
- Track vulnerability reports and contribute security fixes
- Design and implement application changes to meet security compliance requirements
- Participate in the development and operational design reviews with a focus on application security
- Evaluate new security technologies and make recommendations to strengthen our application
- Be a champion of Coupa’s Secure Software Development Lifecycle (SSDLC) methodologies
About you:
- Good understanding of Information Security Concepts
- Knowledge of common application security issues (e.g. OWASP Top 10)
- Knowledge of identity management tools, SAML, OIDC, and SSO integrations
- Knowledge of OAuth and security best practices
- Knowledge of different algorithms like symmetric, PKI, and hashing algorithms.
- Demonstrated proficiency in coding, data structures, design principles, and programming concepts
- Good understanding of security/access control, scalability, high availability and concurrency
- Passionate about new technologies, trends, and eager to find ways to incorporate these new ideas into our solutions
- Self-motivated, go-getter, passion for learning, strong communication skills
Within 1 month, you will:
- Complete the onboarding program
- Get familiar with the people within and across teams
- Get a good understanding of Coupa Product and different functional areas
- Learn the basics of programming in Ruby and Go
- Learn about our Tech Stack, development and release processes
- Dive into technology by pair-programming with your teammates and attending engineering training sessions designed and presented by your peers
Within 3 months, you will:
- Learn the Security tools/devices used in Coupa
- Learn about application security issues (e.g. OWASP Top 10)
- Learn about secure coding practices
- Have a good understanding of identity management tools, SAML, OIDC, and SSO integrations
- Understand OAuth, all grant types and security best practices
- Learn about different security methodologies, including symmetric/asymmetric keys, PKI, hashing algorithms, and more.
- Learn about security compliance requirements
- Learn about Cloud Based Service Providers like AWS, Azure, GCP
Within 6 months, you will:
- Participate in the design process of security solutions
- Contribute to security fixes and fine-tune existing security tools
- Participate in the design reviews with a focus on application security
- Work with the team on feature design and development focussed on application security, and learn how to effectively collaborate with cross-functional teams
- Track vulnerability reports
Within 12 months, you will:
- Evaluate new security technologies and make recommendations to strengthen our application
- Contribute to the development and operational design reviews with a focus on application security
- Design and implement application changes to meet security compliance requirements
- Assist your peers with code reviews
- Provide application security training to the teams
- Work with third-party vendors/service providers
We take care of our employees every way we can, with competitive compensation packages, as well as restricted stock units, an Employee Stock Purchase Program (ESPP), comprehensive health benefits for employees and their families, retirement and savings plans with employer match, a flexible work environment, no limit vacations for exempt employees, non-exempt employees are on an accrual basis for PTO, catered lunches…And much more!
As part of our dedication to the diversity of our workforce, Coupa is committed to Equal Employment Opportunity without regard for race, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity or religion.
Please be advised, inquiries or resumes from recruiters will not be accepted.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure Cloud Compliance GCP Hashing Java JavaScript OWASP PKI Python Ruby SAML SSO
Perks/benefits: Career development Competitive pay Flex vacation Health care Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open IPS-related jobs