Application Security Engineer

Who we are:

BigID is an innovative tech startup that focuses on solutions for data security, compliance, privacy, and governance. We're leading the market in all things data: helping our customers reduce risk, drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.

We are building a global team with a passion for innovation and next-gen technology. BigID has been recognized for being one of CNBC’s Top 25 Startups powering the economy, we're on Built In's 2023 Best Places to Work, one of America's fastest-growing companies, Inc5000 2023, 3 years running, one of the 20 coolest identity access management and data protection companies, CRN Security 100 2023, a Market Leader in DSPM at the 11th annual Global InfoSec Awards (Cyber Defense Magazine) and 2023 Disruptor Gold Winner - Most Disruptive Cyber Security Software, Globee Awards.

At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.

Who we seek:

We’re looking for an Application Security Engineer for our Application Security team As an Application Security Engineer, you will be responsible for safeguarding BigID’s applications as well as creating a robust and secure environment. Our ideal candidate is someone who has hands-on application security experience and can automate tasks.

What you’ll do:

• Perform and automate SAST/DAST and other security testing approaches
• Establish a security champions program
• Review security training materials
• Enable a safe development strategy
• Maintain the vulnerability management program

What you’ll bring:

• Understanding of DevSecOps
• Knowledge of application security principles, practices, and methodologies, such as OWASP and NIST
• Experience with containerized/kubernetes deployments
• Experience with IaC development in AWS or other Cloud providers
• Experience with IaC development for pipeline deployment (GitLab CI/CD, Jenkins, GitHub actions, Azure DevOps, etc.)
• Knowledge of at least one of the following programming languages: python, NodeJS, Java

Advantages:

• Experience with vulnerability management processes
• Experience with OWASP Zap/Burp Suite
• Ability to read multiple programming languages source code and identify vulnerabilities
• Experience with bug bounty program management
• Experience with penetration tests management
• Certifications related to any of the above topics (For example: CEH, CISSP, CompTIA Security+, AWS Security Specialty, OSCP, etc.)
• Experience with program management

What’s in it for you?!

Our people are the foundation of our success, and we prioritize offering a wide range of benefits that make our team happier and healthier.

• Equity participation - everyone shares in our success
• Flexible work arrangements 
• Other compulsory benefits based on country of residence

Our Values:

We look for people who embody our values - Care, Do, Try & Shine.

• Care - We care about our customers and each other
• Do - We do what it takes to make a positive impact
• Try - We try our best and we don’t give up
• Shine - We shine and make it our mission to always stand out
  

#LI-Remote

BigDiversity: We’re committed to creating a culture of inclusion, diversity, and equality – across race, gender, sexuality, disability, and neurodiversity – where innovation and growth thrive, every voice is heard, and everybody belongs. Learn more about us here.

CPRA Employee Privacy Notice: CA 

BigID is an E-Verify Participant.