Application Security Engineer
DESCRIPTION
About the Opportunity:
ReachLocal is seeking a talented Application Security Engineer to join our DevOps team. The team is responsible for implementing innovative security solutions on cutting-edge cloud technology.
This role will work with various teams in securing applications already in the cloud, plus creating security solutions to enable the migration of hundreds more. They will be using a myriad of custom internal and open source tools in a hybrid cloud, and will have the opportunity to evaluate new processes and shape the policies of new environments.
Technologies and Disciplines
Cloud: Amazon Web Services. On-premises: XEN/OpenStack
Continuous delivery and build servers such as Jenkins, AWS CodeBuild/CodePipeline, Bamboo
Automation using Python, Java, etc., plus extensive use of Puppet, CFEngine, and Docker
Source code management via Git
System Environments
Linux (CentOS/RHEL/Ubuntu)
Stateless servers and containers, such as Docker/AWS Lambda
Nginx and Apache Web servers
MySQL databases
NoSQL
About Your Responsibilities:
Develop security automation (enabling to move faster, more securely)
Perform application security testing (of existing applications and on-boarding of new applications) throughout the entire lifecycle
Automation of existing security toolsets
Be the champion of automation and cyber security evangelization
Respond to security incidents
Desired Skills and Experience
Application vulnerability scanning and penetration testing
Secure coding practices
Application security testing practices (S/DAST, IAST, RASP)
Web Application Firewalls, IDS/IPS, OWASP top 10
Security tools such as: Nessus, Saint, Wireshark, Netcat, Metasploit, Burp Suite, OWASP ZAP
Security standards: OWASP Top 10, SANS Top 25, CIS, NIST, CVE
Best practices across cloud platforms
Cloud+, CCSK, AWS CSA, Security+
QUALIFICATIONS
Qualifications
Work history applying security to cloud automation or implementation
3+ years experience in Linux systems administration and cybersecurity
Experience deploying to AWS or other clouds
Experience with Puppet/CFEngine and Docker or other configuration management tools
Familiarity with the OWASP Top 10, and common attack vectors
Knowledge of Ruby
Experience using a open source tools like clair, security monkey
About ReachLocal
Are you looking for a company that values innovation, passion, and a healthy work/life balance? A job where you feel supported and appreciated? At ReachLocal, we know our employees drive success, and we strive to create a thriving company culture where you’ll enjoy coming to work every day.
Here, you can walk through the halls and bump into our CEO, have a voice that matters with your team and managers, or support a local cause with your fellow employees. Are you ready to join a company where you can have fun and work with some of brightest people in digital marketing?
Our mission is to help local businesses all over the world reach more local customers online. As a leader in powering online marketing for local businesses, ReachLocal has been recognized for outstanding products and exceptional employees, having won Google’s Quality Account Champion in North America and Google’s Innovation Champion Award in Canada. Our CEO, Sharon Rowlands, has won countless awards, most recently the Gold Stevie Award for Female Executive of the Year in the 13th Annual Stevie Awards for Women in Business.
ReachLocal is headquartered in Woodland Hills, CA, with over 60 locations throughout the United States, Canada, Germany, the Netherlands, Japan, Australia, and Brazil.
We invite you to learn more about us, connect with us, and grow with us here:
• Career Site: http://careers.reachlocal.com
• Blog: http://blog.reachlocal.com/
• LinkedIn: https://www.linkedin.com/company/reachlocal
• Twitter: https://twitter.com/reachlocaljobs
• Youtube: https://www.youtube.com/user/reachlocal
• Hear from our employees: http://blog.reachlocal.com/reachlocal-services-spotlight-meet-some-of-our-marketing-experts
ReachLocal is an equal opportunity employer. Applicants for all job openings are welcome and will be considered without regard to race, color, religion, national origin, sex, age, sexual orientation, physical or mental disability, or any other basis protected by state, federal or local law. It is the intent of the Company to comply with all applicable federal, state and local legislation concerning equal opportunity in employment.
This job description is not designed to cover or contain a comprehensive listing of all activities, duties or responsibilities required of the employee.
PRIMARY LOCATION
: US-CA-Woodland Hills