AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. We built our suite of audit, risk, and compliance solutions with user experience at the forefront, and maintain an unwavering focus on creating streamlined, easy-to-use products to address the critical business needs of our customers.
That customer-centric approach has helped us become the third fastest growing technology company in North America, according to Deloitte. More than 20% of the Fortune 500 and companies like Walmart, Intel, Amgen, Hawaiian Airlines, Electronic Arts, Lowes, Lennar Homes, and Cornerstone OnDemand use AuditBoard today.
Who We Are Looking For
AuditBoard is looking for a passionate and experienced Senior Application Security Engineer, who will work along the security team to develop software that solves software security challenges. Supported by the InfoSec team, this position will serve as a Security liaison to the AuditBoard engineering team - assisting them with implementing security best practice at every layer of the SDLC. This will be a 100% remote opportunity.
- Work with product and engineering teams to implement security throughout the design and development process.
- Work with modern languages and frameworks in a cloud centric infrastucture.
- Create application threat models, perform secure code reviews, and ensure the use of secure coding practices, with the support of the Infosec team.
- Assist the infosec team in driving adoption of Secure SDLC solutions and practices, such as static and dynamic analysis.
- Provide subject matter expertise and training on encryption, security controls, and secure programming practices.
- Validate, triage and drive the remediation of vulnerabilities discovered through internal testing, third-party penetration tests, or bug bounty programs.
- Guide the implementation, configuration and operation of application layer security controls such as Web Application Firewall and DDoS mitigation solutions.
- Assist with Security Compliance activities as required.
- 5+ years of experience developing web-based applications and/or information security related fields
- Experience writing REST / JSON APIs
- Experience writing software tests
- Ability to solve technical problems independently
- Motivation to work hard and always be learning
- Experience or interest in securing SDLC in cloud-native environments
- Experience with Node.JS and modern ES6 or TypeScript
- Experience with Ember.JS
- Experience working on SaaS web applications
- Experience with implementing static code analysis, Web Application Firewalls (WAF), or other software security solutions
- Bonus: Docker or Kubernetes experience
- BS in Computer Science (or equivalent experience)
- You’ll be launching a career at a well-funded, hyper-growth SaaS tech company
- Free daily catered lunches
- Stock options
- Unlimited snacks and beverages
- Free gym membership
- Medical, dental, and vision coverage for full-time employees
- 3 weeks of Paid Time Off and 10 holidays per year
- 401k to save for your future
- Fun company and team outings