AppSec Engineer
Remote, United States
AppSec Engineer
Remote, USA OneStream Software LLC
Benefits Offered Vision, Medical, Life, Dental, 401K
Employment Type Full-Time
Compensation $105,000.00 - $140,000.00 (Range applies to US candidates only) + Benefits/Variable Comp./Equity - Range may vary based on experience.
ABOUT THE JOB
We are looking for an Application Security Engineer to join the Information Security team. Responsibilities for this position include developing and enforcing secure coding and development practices, performing security testing against the OneStream platform to identify risks and vulnerabilities before release and throughout the SDLC, and reviewing the output of application security tools to provide insight and guidance to the organization about remediation. In addition to these responsibilities, this position will play an integral role in leading the security of the OneStream platform by taking part in the planning and architecture of new features, as well as lead or aid in the development of custom tools to be used for performing security scans.
The ideal candidate for this position will be someone with a solid foundation of secure development and programming practices, a working knowledge of C# and .NET code, and a passion for securing our platform for our customers. This position will require the candidate to communicate with teams across all levels of the organization and be able to explain and discuss technical details with both technical and non-technical audiences. At times it may be necessary to create proof-of-concept exploits against a target to validate vulnerabilities and to determine the risk that certain vulnerabilities may truly pose to customers.
RESPONSIBILITIES
Primary Responsibilities:
- Perform manual and automated application security testing.
- Perform code analysis to ensure security of OneStream platform code.
- Review the SDLC to identify any areas where security of our supply chain could be improved.
- Collaborate with Development and Engineering teams to secure OneStream services.
- Work with other members of the Security team to identify attack patters and indicators of compromise.
- Develop and maintain custom security testing tools for internal testing.
- Create and enforce secure development policies and procedures.
- Provide guidance to junior members of the Security team to promote growth and learning.
- Document and report security concerns found during testing.
- Perform penetration testing against OneStream assets to validate infrastructure security.
QUALITIES OF A SUCCESSFUL CANDIDATE
Formal Education …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
Legally authorized to work for any company in the United States without sponsorship
Benefits/Perks401(k) Benefits Offered Dental Equity Life Medical Training opportunities Transparency Variable Comp Vision Vision, Medical, Life, Dental, 401K
Tasks- Collaborating with teams
- Communication
- Reporting
- Testing
- Training
AI Analytics C Code Analysis Communication Finance Financial Information security Machine Learning .Net OneStream OneStream Software Organizational Penetration Testing Planning Programming Risk Management Security Testing
EducationBusiness Computer Science Engineering Finance IT
TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9