Application Security Jobs

"Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Much of this happens during the development phase, but it includes tools and methods to protect apps once they are deployed."
- CSO Online

Auth0

Software Engineer, Platform Tools

Remote
Application Security
FULL-TIME
Oct 28
Premier
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score. 
 
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
 
The Platform Tools team mission is to make the life of Auth0’s engineers easier and more productive by providing a frictionless interface to Auth0’s internal platform. 
 
We are looking for senior software engineers to help us achieve the level of excellence that our teams need to make their day-to-day work easier and enjoyable.

You will:

  • Design, build and maintain tools and a toolchain to improve the development lifecycle.
  • Help build and scale our development environment as engineering teams grow.
  • Research and build prototypes using new technologies.
  • Investigate, discuss and propose new engineering productivity practices and tools.
  • Collaborate with fellow team members on priorities, specifications, and progress communication.
  • Evangelize Auth0 engineers about our new tools offering.

You are a good fit if you:

  • Have excellent communication and collaboration skills.
  • Love to work with cutting edge technologies.
  • Enjoy solving chores through automation.
  • Have experience with Go, Node.js or similar.
  • Have experience with container technology such as Docker, Kubernetes, ECS, etc.
  • Have experience with distributed systems, software architectures and authentication.
  • Are autonomous and have a continuous improvement mindset.
  • Pay attention to details and keep user experience a top priority.
  • Enjoy being part of a highly collaborative, remote first environment.
  • Timezone: we are giving preference to candidates located between GMT -3 and GMT +2.

You might work on:

  • Open source tools, integrations, CLIs, and frameworks.
  • API and CLI interface to our internal platform.
  • Vivaldi, our Docker-based development environment.
  • Bots and scripts to automate common tasks.
  • IDE and browser extensions.
  • Pull Requests flow automation.

Preferred Locations:

  • #US; #CA; #AR;

 

Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
 
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles
 
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CyberArk

Software Engineer Intern

Newton, MA
Application Security
INTERN
Aug 22
Premier

Job Description:

We are looking for software engineering interns to join the Conjur Community and Integrations (C&I) team at CyberArk! Our team delivers high-quality open source software and more to CyberArk’s customers. We know that our community is best served when:
- Our projects are active, maintained, well organized, and superbly documented
- We discuss, plan, design, and build in the open
- Contributions from community members are solicited, welcomed, and reviewed

The intern will play an important role in helping us grow and maintain our suite of tools and integrations that work with Conjur open source. During the internship, the intern will work with the community and integrations team to extend our Conjur SDK from a handful of client libraries to a complete OpenAPI implementation. There will also be opportunities to write tutorials, blog posts, and provide code samples that community members can use to understand how to use our software. In creating this content, interns will get hands-on experience with bash, Docker, interacting with a REST API, and some of the most popular modern DevOps tools and platforms for deploying software.

 

Responsibilities
The Conjur C&I team are responsible for many features and initiatives within the CyberArk portfolio, including:
- Features within the Conjur open source product
- Integrations for the Conjur and DAP products with popular open DevOps tools
- Connectors and enhancements for the revolutionary Secretless Broker
- APIs and SDKs for the above

 

Requirements:

- Senior currently enrolled in a University/ College

- Major studies focused in Computer Science, Information System Security, etc or prior industry software development experience 

- Experience with Docker, Bash, Golang, Ruby is a plus

- Capable of understanding the technical aspects of a complex system.

- Must have excellent communication skills and a passion for providing world-class service.

- Experience of directly supporting enterprise-level customers is a plus.

- Ability and desire to learn products and technologies.

- Must be able to work independently as well as with others, as part of a domestic and international team.

- Excellent time management, decision making, prioritization and organization skills.

- Experience developing on Unix/Linux based system is a plus

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
HP

Application Security Engineer

Spring, TX
Application Security
FULL-TIME
Aug 20
Premier

We are seeking a Product Security consultant within Personal PC organization. We are looking for an innovative and motivated candidate who under general direction and with a high level of autonomy, will use extensive knowledge and skills obtained through education and experience to perform the services.

The candidate will be required to work on multiple products and must have the ability to develop and present secure solutions and remediation advice to leadership and technical teams. The candidate will be required to assess risks imposed by technical solutions and advise product teams of security standards, best practices and solutions to address risk, while maintaining security quality and customer satisfaction.

 

Primary responsibilities of this role are:

  • Work closely with Business Team and product development team to:
  • Drive Security Development Lifecycle activities (architecture review, threat modeling, security code reads)
  • Align security solution to overall HP Inc. product.
  • Certify the product HP Inc. ship are align with cyber security standard.
  • Apply security throughout the product development lifecycle using Secure Development Lifecycle processes and techniques
  • Gain and maintain a working knowledge of the HP Inc. portfolio of products.
  • Continually review and enhance existing knowledge of security aspects of HP Inc. product sets and technologies.
  • Partner with product development teams in order to remediate risks identified by Product Security.
  • Capture Remediation data to provide dashboard and metrics to senior management
  • Provide 'soft' consultancy skills and a proactive approach to earn the trust of product teams.

Requirements and Desirable Qualities:

  • Strong engineering background preferred
  • Application architecture experience preferred
  • Advanced knowledge of Windows platforms
  • Advanced knowledge of application mobile security tools
  • Strong technical acumen securing software and hardware
  • Excellent analytical and problem solving skills
  • Good understanding of software development and working experience with any one of the higher level programing languages or scripting
  • Typically 5 or more years of related work experience
  • Experience leading security efforts and/or teams
  • Good analytical and problem solving skills.
  • Good communication skills

 

Experience:

  • Typically 7 or more years of related work experience
  • Typically 5 years’ experience in vulnerability research analyst, pen testing, security researcher, Windows, Linux.
  • Strong engineering and development background in software are preferred.
  • Open Source Contributor
  • Strong knowledge to perform below tests:
    • Penetration Testing
    • Static Analysis/ Static Application Security Testing
    • Vulnerability Assessment/Scanning
    • Dynamic Analysis/Dynamic Application Security Testing (DAST)
    • Malicious Software Analysis
    • SDL (architecture review, code reads, threat modeling)

 

 

Preferred Certifications:

  • CEH: Certified Ethical Hacker
  • CCNP Security: Cisco Certified Network Professional Security
  • GSEC / GCIH / GCIA: GIAC Security Certifications
  • CISSP: Certified Information Systems Security Professional
Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
Leidos

Jr Cybersecurity Application Developer

Washington, DC
Application Security
FULL-TIME
Jul 29
Premier

Job Description:

Leidos has an immediate need for a Junior Cybersecurity Application Developer to support this DHS SOC Program. The Application Developer will join a multidisciplinary team and needs to be a self-starter with excellent technical planning, system design, analytical and problem-solving skills, flexibility, good judgement and the ability to coordinate multiple, concurrent tasks in an effective manner. The applications developed will be used to collect and process data and improve the DHS Enterprise Security Operations Center capabilities. The Application Developer will work under the direction of senior staff on tasks to maintain existing applications and infrastructure, plan and install new hardware/software, assist with ATO compliance, help ensure the integrity and security of enterprise-wide cyber systems and networks, etc. The multidisciplinary nature of the team provides opportunities to work on a variety of applications and hardware that the team supports.

Primary Responsibilities

  • Develop and support capabilities on the RSA Archer platform as well as a variety of other platforms.
  • Assist with Server admin, account maintenance, upgrades and related Change Management requirements
  • Conduct POAM remediation, system support/maintenance.
  • Break/Fix System support and ticket resolution support.
  • Review, debug, and resolve technical issues throughout all stages development and support
  • Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
  • Perform integration activities to connect with 3rd party software APIs
  • Design, implement, and maintain efficient and reusable Python code
  • Work with stakeholders to develop requirements and deliverables

Basic Qualifications

  • The candidate shall have bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 2 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in cybersecurity
  • At least one of the following certifications: CASP, Security+, GCIH, GCWN, GISF, GSSP, GICSP, SEI, CCSP, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
  • Proficient in the use of all Microsoft Office tools
  • Demonstrated ability to adapt to new technologies and learn quickly
  • Ability to work independently on assigned tasking
  • Experience with Python and Shell Scripting
  • Experience with RedHat Linux
  • Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.

Preferred Qualifications

  • Experience with VMware & Ansible/Ansible Tower and/or Terraform
  • Experience working in AWS and Azure
  • Experience working in an Agile environment
  • Experience as a SOC Analyst and/or Incident Responder

Experience and knowledge with designing, building, deploying, and maintaining infrastructure in cloud environments

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.
CrowdStrike

Sr. Software Engineer

Remote
Application Security
FULL-TIME
Jul 16
Premier

We're building the next-generation infrastructure and security platform for CrowdStrike. The Managed Services Development (MSD) team builds the platform and tools for our analysts on the OverWatch team to process and hunt (identify potentially harmful activity) through hundreds of billions of events per day, and growing. MSD build and maintain the platform and tools for Falcon Complete analysts to run customer's security operations in our production cloud environment.

We are looking for an engineer who wants to help move the MSD platform forward as we scale even further. Someone with a broad range of computer skills throughout the software stack and clear communication skills would thrive in this environment. You should love working on large- scale, distributed, cloud-based, highly available systems that can efficiently operate over hundreds of billions events a day.

You will...

  • Be comfortable with projects to build new components and extend the current system. You would need to gather requirements, plan, code, test, and deploy to completion.
  • Help the OverWatch team become more effective in their analysis and hunting by improving the platform and tools.
  • Help the Falcon Complete team become more effective and efficient in their mission to support customer's security operations large and small.
  • Work closely with cloud architects to evolve our systems for future growth and platform development.
  • Bring research projects into production environments and integrate them with the MSD systems.
  • Work in a devops environment where you (and your team) are responsible for the systems you deploy.
  • Be an energetic ‘self-starter’ with the ability to take ownership and be accountable for deliverables.
  • Have a desire for quality and understand what tools and processes you need to reach that level and help the team reach a higher bar.
  • Be an adaptable and flexible engineer who is constantly learning and enjoys tackling complex and novel challenges.
  • Work as part of a distributed team of remote workers across timezones.
  • Use and give back to the open source community.

You'll use...

  • Go (Golang)
  • Python
  • AWS
  • Postgres
  • ElasticSearch
  • Kafka
  • Kubernetes/Spinnaker You have...
  • Degree in Computer Science (or commensurate experience).
  • ·Experience with Golang or another language for developing web backends and pipelines (such as Python/Ruby/etc).
  • Built web-services with data processing pipelines and the concepts required.
  • Experience with relational and noSQL databases (Redis, Postgres, Cassandra, ElasticSearch a plus).
  • Understanding of messaging or queueing software, Kafka experience highly desirable.
  • Linux skills and experience with large-scale, business-critical Linux environments.
  • Understanding of distributed systems and scalability challenges, particularly in Cloud environments such as AWS.
  • The ability to thrive in a fast paced, test-driven, collaborative and iterative programming environment.
  • A thorough understanding of engineering best practices from appropriate testing paradigms to effective peer code reviews and resilient architecture.

Bonus points awarded for...

  • Authored and lead successful open source libraries and projects.
  • Contributions to the open source community (GitHub, Stack Overflow, blogging).
  • Existing exposure to Go, AWS, Cassandra, Kafka, Elasticsearch...
  • Prior experience in the cybersecurity or intelligence fields.

Bring your experience in distributed technologies and algorithms, your great API and systems design sensibilities, and your passion for writing code that performs at extreme scale. You will help build a platform that scales to millions of events per second and Terabytes of data per day. If you want a job that makes a difference in the world and operates at high scale, you’ve come to the right place.

#LI-JF1

​#LI-Remote

#Stack

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards
  • Competitive vacation policy
  • Comprehensive health benefits + 401k plan
  • Paid parental leave, including adoption
  • Flexible work environment
  • Wellness programs
  • Stocked fridges, coffee, soda, and lots of treats

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here.