Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Sr. Application Security Engineer/Sr. Product Security Engineer (Remote) at AuditBoard
United States
$157,000 – $213,000Compensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
SoftwareIndustries
Requirements
- 5+ years of experience developing or securing web-based applications
- Experience with modern Javascript (Node.JS, ES6 and TypeScript) and front-end frameworks (Ember, Angular, React, Vue, etc.)
- Experience with leading threat modeling and secure design reviews
- Experience with security assessment tools (SCA, SAST, DAST) such as Qualys, SonarCloud, Prisma or similar is a plus
- Docker & Kubernetes
- Excellent organization, time management, and attention to detail
- Must be action-oriented and have a proactive and collaborative approach to solving issues
- Participates in the design review process, seeking and providing constructive criticism
- Provides significant input into system architecture, considers scalability and performance
- Communicates technical decisions through design docs, tech talks, and the wiki
- Mentorship and technical guidance to junior and mid-level engineers
- Ability to work within an on-call shift rotation
- Preferred experience working on SaaS web applications
- Experience with building and maintaining internal tooling and orchestration using Python
Responsibilities
- Working with product and engineering teams to implement security throughout the design and development process
- Creating application threat models, performing secure code reviews, and ensuring the use of secure coding practices, with the support of the Infosec team
- Assisting the infosec team in driving adoption of Secure SDLC solutions and practices, such as SAST, DAST, SCA, IAST, App Runtime
- Providing subject matter expertise and training on encryption, authentication, key security controls, and secure programming practices
- Validating, triaging and driving the remediation of vulnerabilities discovered through internal testing, third-party penetration tests, or bug bounty programs
- Guiding the implementation, configuration and operation of application layer security controls such as Web Application Firewall and DDoS mitigation solutions
- Assisting with Security Compliance activities as required
- Assisting with investigation and response to security incidents and web application attacks as necessary
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What is the salary range for this position?
The salary range is $157K - $213K.
Is this role remote?
Yes, this is a fully remote position.
What technical skills are required for this role?
The role requires working with JavaScript, Node.JS, Ember, Python, GoLang, Docker, PostgreSQL, and Kubernetes, along with 5+ years of experience developing or securing web-based applications.
What is the company culture like at AuditBoard?
AuditBoard inspires innovation, assists each other, breaks through barriers, and aims to create the most loved platform, contributing to rapid growth as one of the 500 fastest-growing tech companies.
What experience makes a strong candidate for this role?
Candidates with 5+ years of experience developing or securing web-based applications, expertise in secure SDLC practices like threat modeling and code reviews, and proficiency in technologies like JavaScript, Python, GoLang, and Kubernetes stand out.
AuditBoard
GRC software for audit and compliance
About AuditBoard
AuditBoard provides Governance, Risk, and Compliance (GRC) software solutions for large enterprises, including many Fortune 500 companies. Its platform automates and manages audit, risk, and compliance programs in real time, enabling teams to collaborate and report from anywhere. The company operates on a Software-as-a-Service (SaaS) model, offering specialized modules for different GRC aspects, which simplifies complex tasks and improves efficiency. AuditBoard's goal is to empower organizations to effectively manage their compliance and risk management needs.
Cerritos, CaliforniaHeadquarters
2014Year Founded
$42.4MTotal Funding
BUYOUTCompany Stage
Enterprise Software, Financial ServicesIndustries
501-1,000Employees
Risks
Increased competition from emerging GRC software providers could erode market share.
Rapid technological advancements may require costly updates to remain competitive.
Cybersecurity threats targeting cloud-based platforms could damage reputation and client trust.
Differentiation
AuditBoard offers a fully integrated GRC platform for large enterprises.
The platform provides real-time collaboration and reporting capabilities for remote work environments.
AuditBoard's SaaS model ensures continuous updates and improvements to its software.
Upsides
AuditBoard ranked #1 in enterprise Security Compliance in G2 Winter 2025 Grid Report.
The company was named 'Overall Risk Management Solution of the Year' in 2024.
AuditBoard's new analytics suite enhances data insights for customers.
Related Jobs
RemoteRemoteSecurity Engineer, Product Security
Chainlink LabsSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Software Engineer, Secure Agents
CohereSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSoftware Engineer, Security
Render$193,000 - $265,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteDevSecOps Engineer
Authentic8Salary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Engineer, App Security
HealthieSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)