Role Description:

You will be a leader within our application security team. The goal of Guild Education’s application security program is to ensure that software engineering teams across the company are enabled to securely design, build, test, and maintain the applications that power our business. Our guiding principle is to pave roads and enable our engineers to deliver secure software with minimal friction, supporting their work across the entire Secure Development Lifecycle (SDL). We take a customer-service oriented approach to support, coach, and empower our engineers to do the right things without friction or slowing them down.

Responsibilities:

Develop and lead threat modeling training, workshops, and collaborative sessions for a wide array of cloud-based products and services. Champion threat modeling practices within the development teams, promoting best industry practices.
Collaborate with product and engineering on architecting resilient, security-first services
Build and deliver educational content to our engineers including hands-on training courses
Interpret findings from application security tools and provide coaching in remediation
Assist in the development of secure code libraries
Evaluate and classify findings from SAST, DAST, SCA and externally reported sources
Act as technical liaison between Information Security and application development teams, including guiding teams towards strong application security practices and remediating known risks
Develop and support integration and automation within security, monitoring, reporting, and ticketing platforms
Review and analyze existing processes and suggest improvements for increased security and efficiency

Requirements:

1-3 years in secure development/application security
Proficiency in one or more of modern programming languages
Proficiency in scripting
Hands-on experience with one or more application security testing tools (SAST, SCA, IAST, DAST)
Intimate knowledge of OWASP Top 10 Vulnerabilities, mitigations, and their impact on application architecture
Experience in web application security and SSDLC practices
Proficient in at least one general programming language such as JavaScript, Python, C/C++, Java, Rust, or Go
An understanding of web applications, web servers, layer 7 application technologies

Preferred Qualifications:

An understanding of AWS Well Architected Framework and Cloud native application development best practices
Experience with OWASP Application Security Verification Standards (ASVS)

Other Soft skills:

You are a great communicator who can explain technical issues and risks to a broad, non-technical audience.
You can work well with engineering, legal, security, devops, product, executives, and others.
You tailor your communication style, level of detail, and approach based on the audience.
Enjoys working directly with software engineers, including in new languages and tool chains
You are a strong collaborator and can influence technical teams, and you take them along with you.
You operate effectively across teams and disciplines even in highly ambiguous situations.
You have experience building inclusive team cultures

We feel passionately about equal pay for equal work, and transparency in compensation is one vehicle to achieve that. Total compensation for this role is market competitive, including a base salary range of $110,000-$130,000 as well as company stock options.

Guild is increasing economic mobility for working adults by partnering with the largest employers in the country to offer education as a benefit to their employees via our marketplace of nonprofit universities and education institutions. Guild’s proprietary technology platform facilitates the administration of this innovative benefit and our team of coaches helps each employee navigate the path back to school, providing individualized support from day one through program completion.

Guild is a female-led, Certified B Corporation – and with a valuation of $3.8 billion is one of the highest-valued, privately held education companies in the world, and the only one led by a woman. Guild’s investors include Ken Chenault, General Catalyst Partners, chairman and former CEO of American Express, Emerson, and Iconiq.

Guild Education is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. If you have a disability or special need that requires accommodation, please let your recruiter know. We currently offer the following benefits:

Access to low-cost, high-quality health care options through Cigna and Kaiser (due to coverage limitations, Kaiser is currently only available in CA & CO)
Access to a 401k to help save for the future
3 weeks of vacation in the first year and an open vacation policy after year 1 to help recharge
8 days of fully-paid sick leave, to take the time to heal and or recover
Family-friendly benefits, including 14 weeks of parental leave, employer-paid short-term and long-term disability, employer-sponsored life insurance, and fertility care benefits.
Well-rounded wellness benefits including access to free and low cost mental health resources and support services
Education benefits and tuition assistance to help your future development and growth

Guild requires COVID-19 vaccines for all employees and guests attending Guild events or entering Guild offices. We will be using both Clear’s Digital Vaccine Card and state-sponsored vaccine passports to verify proof of vaccine. Accommodations or exceptions can be requested for medical or religious reasons.