Ironclad is the #1 contract lifecycle management platform for innovative companies. Every company, in every country, in every industry runs on contracts, but managing these contracts slows companies down and costs them millions of dollars. L’Oréal, Staples, Mastercard, and other leading innovators use Ironclad to collaborate and negotiate on contracts, accelerate contracting while maintaining compliance, and turn contracts into critical carriers of operational business intelligence. It’s the only platform flexible enough to handle every type of contract workflow, whether a sales agreement, an HR agreement or a complex NDA.
Ironclad is writing the narrative that shows how beautiful and functional contracting will change business. We’re a leader in the Forrester Wave for Contract Lifecycle Management. We have been recognized as a Fortune Great Place to Work for four consecutive years. Our innovation and work culture have been recognized by Glassdoor's Best Places to Work 2023, Forbes’ 50 Most Promising AI Companies, Wing Venture Capital's Enterprise Tech 30, and Gartner's Magic Quadrant. We work in a highly collaborative environment, and strive to foster a positive, inclusive culture. We’re backed by leading investors like Accel, Y Combinator, Sequoia, and BOND. For more information, visit www.ironcladapp.com or follow us on LinkedIn and Twitter.
Ironclad is seeking a skilled Application Security Engineer with a passion for securing modern software platforms and protecting sensitive data. We are looking for someone with strong experience in automated vulnerability scanning and penetration testing to strengthen our application security program. The ideal candidate will have experience in software development or testing at SaaS companies or in regulated fields.
This role will be responsible for conducting security assessments, identifying and mitigating risks, and implementing security best practices and process improvements across Ironclad’s Product, Platform and Engineering teams.
Roles & Responsibilities:
Develop and implement secure coding practices, procedures, and standards for software development teams.
Conduct application security assessments and vulnerability testing to identify and mitigate risks.
Perform security reviews of code changes and ensure that security issues are addressed.
Collaborate with cross-functional teams to remediate software vulnerabilities and implement secure coding practices.
Integrate security review processes into Ironclad’s CI/CD pipeline.
Conduct threat modeling and risk analysis to protect sensitive data.
Provide domain expertise on protective controls including system, network, encryption, and authentication services.
Work closely with members of the SRE, Development, IT, and Security teams to drive impactful changes to Ironclad’s cybersecurity posture.
Work closely with the risk and governance teams to implement compliance and security requirements.
Contribute to secure coding and other cybersecurity training programs.
Stay up-to-date with the latest security trends, vulnerabilities, and attack techniques.
Provide technical leadership and mentorship to other members of the engineering and security teams.
Key Skills:
BA/BS/MS in Computer Science or related field or equivalent experience.
3+ Years of experience working in application security or software development, preferably with SaaS companies or in regulated fields.
In-depth knowledge of application security concepts and practices, including OWASP Top 10 and SANS Top 25.
Experience with SAST and SCA tools such as Snyk, Checkmarx, Veracode, WhiteSource, or Black Duck.
Experience with security testing tools such as Burp Suite, AppScan, and Nessus.
Experience with SOC 2, ISO 27001, NIST, and CIS standards and frameworks.
Experience operating in any cloud provider (AWS, GCP, Azure, Digital Ocean etc.).
Ability to appropriately prioritize and respond to different escalations.
Experience working collaboratively with cross-functional teams.
Strong desire to take ownership of problems.
Comfort working in a rapidly evolving environment and dealing with ambiguity.
Excellent communication, analytical and problem-solving skills.
Team and goal-oriented.
High output, low ego.
Nice to Have:
Strong proficiency in scripting and any programming languages (TypeScript, Java, Python, Ruby etc.).
Experience with git and software branching and workflow strategies.
Experience working with modern, microservice architectures including in Kubernetes or other containerized environments.
Experience with enterprise observability platforms such as ELK, Datadog, Prometheus, Grafana, etc.
Knowledge of Terraform or other infrastructure-as-code and configuration management solutions.
Benefits:
Health, dental, and vision insurance
401k
Wellness reimbursement
Take what you need vacation policy
Generous parental leave for both primary and secondary caregivers
Base Salary Range: $190,000 - $210,000
The base salary range represents the minimum and maximum of the salary range for this position based at our San Francisco headquarters. The actual base salary offered for this position will depend on numerous factors, including individual proficiency, anticipated performance, and the location of the selected candidate. Our base salary is just one component of Ironclad’s competitive total rewards package, which also includes equity awards (a new hire grant, along with opportunities for additional awards throughout your tenure), competitive health and wellness benefits, and a commitment to career growth and development.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
0 applies
1 views
Other Jobs from Ironclad
Staff Infrastructure Engineer
Engineering Manager
Staff Software Engineer - AI Incubation
Senior Product Quality Engineer
Senior Business Value Engineer
Similar Jobs
Senior Software Engineer - System Release, DevOps
Senior Software Engineer, Full stack
Senior Software Engineer, Product
Senior Software Engineer, Backend (Web No-Code)
Senior Software Engineer, Infrastructure
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say