Senior Application Security Engineer - remote

Posted 3 years ago

Application Security Engineer

As an Application Security Engineer you will have ownership of the security of the platform on both the application and the infrastructure level. This includes identifying and attending to risks and vulnerabilities discovered as well as coordinating with our InfoSec team on policies and audits. Furthermore, you will work closely with the Senior Director of Technology as well as the DevOps team to ensure that our clients’data as well as our platform is operating securely according to the latest security standards.

As a member of an Empowered Product Team, you will be:

  • Accountable for maintaining the security standards according to the requirements of our platform, our company, and our clients.
  • Maintaining the security of the Cloud infrastructure (AWS, GCP) and applications
  • Working with our InfoSec team on security policies, documenting security certifications as well as working with external auditors
  • Identifying current and emerging technology issues such as trends, vulnerabilities and threats
  • Proactively analysing security strategies, maintaining best practices and identifying weaknesses
  • Implementing new security solutions as well as improving on the existing ones on both infrastructure and application level

Requirements

General requirements

  • 10+ years experience in security engineering and developing complex software systems
  • Ability to effectively communicate with non-technical personnel as well as skillset to provide cost-effective security solutions
  • A burning enthusiasm for the latest security news and developments, updates and solutions

Cloud Security

  • Experience with Kubernetes cluster hardening, penetration testing, vulnerability management and patching tools and other DevSecOps related areas
  • Expertize over various products around key areas such as information security, virus protection and firewalls, especially in a cloud environment
  • Security certifications such as CISSP, CCSP, CCSK, GISP and CISM are a bonus, as well as Cloud provider security certifications such as AWS Certified Security Specialist, AWS Solutions Architect Associate / Professional, SysOps and/or DevOps as well as Google Cloud Platform Professional Cloud Security Engineer.

Application Security

  • Understanding of Web Application Security and application level security (OWASP)
  • Solid knowledge of PHP / JS and insecure programming patterns.

Why you’ll love it here

  • Fully remote, diverse international team
  • An extremely talented group of engineers and tech leads to learn from
  • Work directly with product and technology executives
  • Active career coaching and professional development to keep you growing
  • Learning budget (books, online courses)
  • Directly see the impact of your work by working closely with customers and help build the fastest-growing mar-tech platform for top brands

What's SOCi's culture like?

SOCi stands for Selfless, Overachievers, Customer Centric, and Innovative. We strive to be in service to each other, consider learning as Job #1, and obsess over the customer problems such that we can deliver the most valuable solutions to them. We hold each other accountable, are candid in our feedback, and expect you to do the same. It's okay to make mistakes, it's not okay to not learn from them. We partner strongly across departments and function, as we know it'll take a village to succeed. One team, one dream.