Staff Software Security Engineer
Company: Workrise
Location: Austin
Posted on: January 27, 2023
Job Description:
Workrise delivers tailored workforce and vendor management
solutions backed by the most qualified people in the energy
industry. We do this reliably at scale, so customers can
confidently execute on the projects in front of them, and focus
their time and energy on the goals that drive their business
forward.
We are hiring a StaffSoftware Security Engineer to help us build
out security solutions across our detection & response engineering,
identity, security architecture, and application & cloud security.
You are as much a builder as you are a leader. You can build on
your previous experiences as being a domain expert and help craft a
technical strategy that fits the needs of the business. You love
mentoring and sharing your knowledge from other engineers and team
mates just as much as you enjoy learning from them.
What you'll be doing:
- Collaborate: Technical leadership with a small team of 3-4
software security engineers to create well-designed, fit-for
purposes, maintainable solutions. You will bring a spirit of
collaboration and willingness to work with multiple departments and
stakeholders. You should have the mindset that security is a
continuous and collaborative process and want to simplify security
(paved roads) for your customers
- Build: We are a team of builders and seek a balance between
build vs buy, cost, and operational efficiency. You may be building
out customer security tools, doing response automation, or helping
engineering teams to build custom security solutions. You bring an
eagerness to find fit-for-purpose solutions, build, deploy and
operate
- Security Data: Lots of data. Whether it's in detection &
response, engineering, DevSecOps, vulnerability management, or
incident response, we are a highly evidence-driven culture that
leverages data to help us fill in the gaps of our understanding.
You will also contribute detection rules to our SIEM as well as set
strategy for automating our detection & response
pipelinesApplication Security - You will help secure the software
development lifecycle. We provide a broad range of services to
support our IT & engineering teams from secure design &
architecture reviews, vulnerability management, Bug Bounty program
management, 3rd party pen testing, dependency management, patching,
and SAST scanning. You reach for Burp proxy like it's second nature
to inspect for potential vulnerabilities or to reproduce a bug
bounty report
- Application Security: You will work with leaders in Privacy &
Trust, Software Engineering, Product, & Corporate Security to
understand the business and build technical strategy and roadmaps
that align with the business and operational strategy
Experience and Education Requirements:
- Bachelor's degree in Computer Science, Engineering or related
field or equivalent experience
- You must have hands-on coding experience building, deploying
and operating solutions. This is a hands-on role building security
solutions
- Demonstrated technical leadership with ability to communicate
to Junior/Senior engineers and fluidly as with the rest of the
business. Ability to build solutions is an important ability to
communicate and influence.
- Depth in experience in one or more domains of Application
Security, Cloud Security, or Detection & Response Engineering.
While you may be working in multiple domains, we're not expecting
out-of-the-box unicorns here
- Minimum of 7 years technical professional experience in a
security or software engineering discipline as a development
engineer
- 3+ years experience building customer applications, tools,
and/or data pipelines
- 3+ years of experience in cloud security, architecture, and
secure coding practices
- 3+ years working in a cloud environment (AWS, GCP)
- 3+ years working with container orchestration services (k8's,
Docker, service mesh)
- Demonstrated experience within the security community on open
source projects, bug bounty submissions, or similar
contributions.
- Deep knowledge of both loosely and strongly typed
languages
- Ability to work with engineering focused teams to promote safe
development practices
- Experience with CI/CD tools such as CircleCI, Jenkins, Github
webhooks
- Demonstrated experience in at least one programming language
such as Python, Go, JavaScript, or Rust
- Experience with the OWASP Top 10 and common application
exploits, and techniques
- Experience with vulnerability management and scoring techniques
like CVSS, EPSS
- Experience with RBAC and IAM access control techniques
- Exposure to security and compliance, and privacy frameworks
such as GDPR, CCPA, ISO27001, NIST CSF
Keywords: Workrise, Austin , Staff Software Security Engineer, IT / Software / Systems , Austin, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...