Remote Senior Application Security Engineer

Description:

• The Senior Application Security Engineer will be responsible for building and integrating security practices within the development and release processes.
• This role involves collaborating with cross-functional teams to ensure that security is a foundational aspect of software design, development, and deployment.
• The engineer will promote secure coding practices and shift-left development methodologies.
• Key responsibilities include integrating security practices throughout the software development lifecycle (SDLC), supporting the implementation of security controls within CI/CD pipelines, and conducting threat modeling sessions with development teams.
• The engineer will analyze and support the remediation of security vulnerabilities in applications and deliver training on secure coding practices.
• Collaboration with DevOps, QA, Engineering, Product, and Release Management teams is essential to incorporate security requirements into all aspects of software development and delivery.
• The role also involves staying current with emerging security threats and continuously seeking opportunities to improve security processes and tooling.

Requirements:

• Candidates must have 5+ years of experience in application security or software development, with at least 2 years in a cloud-native or SaaS company.
• Hands-on experience with secure coding practices and application development is required.
• A strong understanding of cloud well-architected frameworks, application development, and deployment workflows is necessary.
• Experience with release management processes and integrating security into deployment workflows is essential.
• Candidates should be passionate about improving quality processes through shift-left, automation, and tools.
• A self-starter attitude with a history of shaping and establishing technical vision and architecture is important.
• Superior communication skills are required to effectively communicate with peers, customers, and leadership.
• Knowledge of essential web technologies such as Java Spring Boot, Java, JavaScript, Node.js, C#, and UI frameworks is necessary.
• Proficiency in secure coding standards and best practices, along with experience leading secure code reviews, is required.
• A strong understanding of application security vulnerabilities, particularly the OWASP Top Ten, is essential.
• Experience with major IaaS vendors (AWS, GCP, Azure) and securing container ecosystems is required.
• Familiarity with Jenkins, ArgoCD, or other continuous integration software is necessary.
• Experience operationalizing static analysis, software composition analysis, and dynamic analysis testing tools in the development pipeline is preferred.

Benefits:

• Reltio offers flexible work arrangements to help employees manage their personal and professional lives.
• The company has earned numerous awards and top rankings for its technology, culture, and people.
• Employees are encouraged to be part of a collaborative team focused on enabling digital transformation with connected data.
• Reltio is committed to equal employment opportunity and provides reasonable accommodations to applicants with physical and mental disabilities.