Remote Senior Application Security Engineer-I

Description:

• The Senior Application Security Engineer-I role can be performed remotely from anywhere in India.
• Application Security SREs at Sumo Logic collaborate with development teams and the Security Operations Center (SOC) to ensure product security and compliance.
• Responsibilities include ensuring secure application development by applying secure coding best practices and creating training materials.
• The role involves performing security reviews and penetration tests during design and implementation stages, proposing solutions for any identified security deficiencies.
• Leading threat modeling exercises to evaluate technical designs is a key responsibility.
• The engineer will leverage Sumo’s products and third-party tools to enhance security and implement "defense in depth" strategies in the software development lifecycle.
• Participation in security research, investigations, platform hardening, and audits is expected.
• The role requires driving continual improvement and operational excellence for security tools.
• On-call participation is necessary to provide coverage for security and platform components.

Requirements:

• A B.S. or M.S. in Computer Sciences or a related discipline is required.
• A passion for security is essential, with an understanding of software security vulnerabilities and best practices for defense.
• An operations mindset is necessary, with knowledge of leveraging encryption, key management, monitoring, alerting, and automation for security at scale.
• Candidates should have 4-6 years of professional experience in applied software security roles.
• Strong knowledge of OWASP top 10 security vulnerabilities, with the ability to identify security flaws, assess their impact, and propose solutions for developers is required.
• Experience with cloud security tools as part of software architecture is necessary.
• Operational expertise in high-scale, reliable 24/7, multi-tenant SaaS environments is required.
• Strong coding and debugging skills are essential, with Scala experience being highly beneficial.
• Security certifications, experience in bug bounty programs or CTFs, reported CVEs, and familiarity with compliance frameworks and audits are considered pluses.

Benefits:

• Employees have the flexibility to work remotely from anywhere in India.
• Sumo Logic provides an opportunity to work with a leading SaaS machine data analytics platform.
• Employees can engage in meaningful work that contributes to the security and reliability of cloud-native applications.
• The company fosters a culture of continual improvement and operational excellence in security practices.
• Employees will have the chance to collaborate with a diverse range of clients, including well-known companies like Epic Games, Airbnb, Twitter, BBC, and Toyota.