The Application Security Engineer champions security within VividCortex’ product development teams through the design and integration of security controls, and educating our teams through training and security programs. Our security team is a key part of our growth strategy! Diversity is important to us, and we welcome and encourage applicants from all walks of life and all backgrounds. Remote work within the US with regular travel to our Charlottesville, VA headquarters, is available for this position.
What you’ll get to do here:
Provide security expertise on our systems, network, encryption, and authentication.
Understand our AWS architecture, full engineering stack, services, and data flow and own their security controls.
Implement and maintain technologies for security, such as vulnerability testing, logging, monitoring and incident response.
Help define our secure development standards and ensure they are met.
Consult with engineering on planned and current platform and code changes to ensure security is given due consideration during architectural planning and implementation.
Perform code reviews, penetration testing, and security functional testing.
Own security awareness training for engineering, and create engaging security programs (bug bounty, white hat testing, and more).
Document and develop security engineering processes and procedures in support of compliance processes.
Identify and assist in the development of security features within our products.
Represent Security as a resource for a great engineering culture.
You’re great at:
Sharing your passion for security with the team and advocating for customer needs.
Being the engineering team member that others depend on for guidance on security issues.
Staying on top of security trends and emerging threats in a rapidly changing industry.
Creating engaging programs for training and security awareness.
Choosing and using vulnerability testing tools for penetration tests and compliance audits.
Understanding complex applications, infrastructure and business processes.
Identifying security risks in the product and SDLC and finding pragmatic ways to mitigate them.
You’ll benefit from experience in:
High-growth technology environments.
Software as a Service products.
Frameworks and standards such as ISO, CSA, HIPAA, PCI, GLBA, etc.
System administration, particularly AWS.
General development, deployment, and operation of modern API-powered web applications using continuous delivery and Git in a Unix/Linux environment.
Coding, particularly with Go and scripting languages such as Bash.
Coding platforms include, PHP, Golang, C+, C++, Perl, Python, and Javascript.
Database platforms include, MySQL, PostgreSQL, MongoDB, Redis, Cassandra.
OS platforms include Linux, Free BSD and Windows.
Cloud SaaS Services, AWS
At VividCortex, we want to build a diverse team because it’s the right thing to do, and because we believe diversity is strength. We encourage applicants from all walks of life and all backgrounds. Note to Agencies and Recruiters:VividCortex has a strict company policy against engaging with unsolicited contact from agencies or recruiters. Unsolicited resumes and leads are property of VividCortex and VividCortex explicitly denies that any information sent to VividCortex can be construe
