No matter who you are, Pax8 is a place you can call home. We know there’s no such thing as a “perfect" candidate, so we don’t look for the right "fit" – instead, we look for the add. We encourage you to apply for a role at Pax8 even if you don’t meet 100% of the bullet points. We believe in cultivating an environment with a diversity of perspectives, in hopes that we can all thrive in an inclusive environment.
We are only as great as our people. And we have great people all over the world. No matter where you live and work, you’re a part of the Pax8 team. This means embracing hybrid- and remote-work whenever possible.
Position Summary:
Pax8’s Platform Security team is responsible for the implementation and operation of our application and infrastructure security program. As a vital member of this group, the Sr. Application Security Engineer helps build and reinforce the security posture of Pax8’s software development lifecycle.
They collaborate closely with our software development teams as we evolve our world-class software marketplace. The Sr. Engineer is responsible for the identification, evaluation, and mitigation of security defects; conducting and maintaining application threat models; designing and implementing secure development frameworks; training teams on secure coding practices; and validating security processes throughout the application build, deployment, and operation processes.
Essential Responsibilities (includes, but is not limited to):
- Serve as a subject matter expert on application security to drive security considerations into product design and software development processes.
- Create and maintain risk assessments and threat models against evolving features in the Pax8 software platform.
- Develop and manage application security testing processes, including automated testing and manual design review processes.
- Assist teams in reproducing, triaging, and addressing security vulnerabilities.
- Develop security standards and best practices, both in the form of written documentation and code-based guardrails.
- Maintain application security tooling and associated process documentation as necessary.
- Advocate for security best practices throughout the software engineering organization by leading security training for software development teams.
Ideal Skills, Experience, and Competencies:
- At least five (5) years of experience in application/product security.
- Strong background in the OWASP Top 10 application security defects, including the ability to identify and remediate such vulnerabilities in different languages.
- Demonstrated experience with modern software languages (we primarily use Kotlin and JavaScript).
- Demonstrated experience developing threat models and leading secure code reviews.
- Demonstrated experience with application security testing processes such as SAST, SCA, and DAST through detection, triage, and remediation.
- Knowledge of secure architecture and secure design patterns in a web-based microservices environment.
- Background in cloud-based infrastructure and containerized application environments.
- Experience with modern workflow management processes such as ticketing systems.
- Experience with modern source code management systems and CI/CD platforms.
- Ability to execute independently within a small, nimble team.
Required Education & Certifications:
- B.A./B.S. in a related field (e.g., Computer Science, Engineering, Cybersecurity) or equivalent work experience
Compensation:
- Qualified candidates can expect a salary beginning at $115,000/yr or more depending on experience
Expected Closing Date- 04/8/2024
#LI-Remote #LI-AG1 #BI-Remote #DICE-A
- Non-Commissioned Bonus Plans or Variable Commission
- 401(k) plan with employer match
- Medical, Dental & Vision Insurance
- Employee Assistance Program
- Employer Paid Short & Long Term Disability, Life and AD&D Insurance
- Flexible, Open Vacation
- Paid Sick Time Off
- Extended Leave for Life events
- RTD Eco Pass (For local Colorado Employees)
- Career Development Programs
- Stock Option Eligibility
- Employee-led Resource Groups
Jobs from our Partners
Senior PL/SQL Developer
DevOps Engineer (16216)
Senior UI Developer (16228)
Principal CyberSecurity Engineer
Senior Full-Stack Engineer
Other Jobs from Pax8
Software Developer in Test (SDET)
Senior Cybersecurity Operations Engineer
Cloud Solutions Engineer- Azure
Similar Jobs
Sr. SW Engineer -Java Full stack
Senior Engineer - Java/Spring/Spring boot - Personalization
Senior Full Stack Cloud/Typescript Developer
Cloud Software Developer
Frontend Software Engineer II - Core Apps
Expert Application Engineer
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
50,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 257 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
Cancel anytime / Money-back guarantee