Sr. Application Security Engineer

Job Description

About the Role

Validity is looking for a senior application security engineer to join our security and privacy team. As our AppSec expert, you will partner with our product development and web content teams to assess our code, applications, and sites, prioritize risks for remediation and help us shift security left in our SDLC. You will lead our own third-party pen tests and will also lend a hand in day-to-day security operations.

Position Duties and Responsibilities

• Identify false-positive findings from DAST and SAST tools and suggest remediation paths for valid findings.
• Work on security reviews, building collaborative relationships with developers and engineers across the organization.
• Analyze software architecture to identify weaknesses & develop opportunities for improvement.
• Execute complex technical projects with minimal oversight. Oversee development of security components throughout all stages of the SDLC.
• Conduct security reviews & penetration testing of systems, source code, and applications
• Perform security reviews of source code, stored procedures, datastores, and server/service configurations.
• Perform manual and automated security testing. Define and document application security requirements.
• Provide accurate & timely reporting on all project deliverables.
• Provide practical application security best-practice guidance to Validity.

Required Experience, Skills, and Education

• 5+ years’ Information Security Engineering experience, in a technical capacity.
• Must have the ability to work effectively across the organization/collaborate effectively with both technical and non-technical team members, possess excellent oral & written communications skills, and demonstrate effective problem-solving skills.
• Familiarity with market-leading security tools, commercial offerings for application security testing and analysis.
• Good understanding of RESTful APIs and microservices.
• Advanced knowledge of web application testing tools. Ability to write proof-of-concept exploits required.
• Working knowledge of application containers frameworks and technologies (Docker, Kubernetes, etc.).
• Experience with penetration testing web-based SaaS applications and systems operating out of Cloud infrastructure (AWS, Azure, etc.).
• Knowledge of application-level attacks and mitigation methods, with a thorough understanding of OWASP top 10.
• Knowledge of DAST and SAST systems.
• CEH, eCPPT, eWPT, GWAPT, OSCP, or equivalent experience.

Preferred Experience, Skills, and Education

• BS, MS in Computer Science or equivalent experience.
• CSSLP.
• Experience with Qualys and Checkmarx, Burp Suite.
• Basic knowledge of PHP, Python, and Ruby.
• CI/CD pipeline.
• DAST, SAST tools.

Benefits

• Medical
• Dental
• Vision
• Paid Holidays
• Unlimited PTO
• Parental Leave

Pay Range: $70,000 - $110,000 base, plus up to 10% bonus opportunity, and stock options.

Final salary may vary depending on skills, location, and/or experience.

This position can be in office/remote, hiring in the following states only:

AL, AR, AZ, CA, CO, CT, FL, GA, HI, ID, IL, IN, KS, KY, MA, MD, ME, MI, MO, NC, NE, NH, NJ, NV, NY, OH, OK, PA, RI, SC, TN, TX, UT, VA, VT, WA

About Validity

For over 20 years, tens of thousands of organizations across the world have relied on Validity solutions to target, contact, engage, and retain customers – using trustworthy data as a key advantage. Validity’s flagship products – DemandTools, BriteVerify, Return Path, Trust Assessments, and GridBuddy – are all highly rated, #1 solutions for sales and marketing professionals. These solutions deliver smarter email campaigns, more qualified leads, more productive sales, and ultimately faster growth.

Validity is a truly unique company - massive revenue growth, top-tier investors, 5-star product ratings, proven ability to acquire and integrate top tech companies and welcome them into the Validity family, winning culture, and a work environment that fosters hard work, trust, and fun.

Headquartered in Boston, Validity has offices in Tampa, Denver, Indianapolis, London, and Sydney. For more information, visit connect with us on LinkedIn, Instagram, and Twitter.

_____________________________________________________________________________

Validity is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.