You'll be part of our CISO group
The application security group protects our own application and product, collaborates with our research and development on product security, and manages related risks and security value. The team works closely with our internal cross teams to promote security and bring it to the next level. The security team also embraces thought leadership and develops policies to promote a more secure world.
In this position you will:
Work closely with Product, R&D and DevOps teams to define high level and detailed security requirements for various features.
Lead the AppSec team of Engineers and Offensive security to collaboratively build the security posture.
Build, maintain, and improve AppSec processes & tools.
Work with R&D teams to review code for security vulnerabilities (manual and automated).
Perform periodic application-level penetration tests on major features and versions.
Evaluate the security posture of various 3rd party tools, libraries and vendors from an application security perspective.
Drive and track the progress of security bug resolution with R&D and DevOps teams.
Work on RFP and Audit responses as needed.
4+ years of hands-on experience in the application security field, including the SDLC process.
2+ years of leadership experience.
Deep knowledge of common application-level vulnerabilities and mitigation (OWASP Top 10, SANS 25, etc.).
Strong manual code review skills in Java, C/C++, Python, Node.js.
Good knowledge of secure coding best practices and ability to guide R&D teams on how to write secure code.
Experience with SAST tools.
Familiarity with Docker containers, Kubernetes, etc.