Remote Sr. Application Security Engineer

Description:

• The Sr. Application Security Engineer will play a vital role in building and integrating security practices within development and release processes.
• This position involves collaborating with cross-functional teams to ensure that security is a foundational aspect of software design, development, and deployment.
• The engineer will promote secure coding practices and shift-left development methodologies.
• Responsibilities include integrating security practices throughout the software development lifecycle (SDLC), ensuring security is embedded from design through deployment.
• The role requires supporting the implementation of security controls within CI/CD pipelines, enabling automated security testing and vulnerability assessments.
• The engineer will conduct threat modeling sessions with development teams to identify potential security risks early in the design process.
• The position involves analyzing and supporting the remediation of security vulnerabilities in applications and assisting development teams in writing code fixes.
• The engineer will deliver content around secure coding practices, application security threats, and remediation techniques.
• Collaboration with DevOps, QA, Engineering, Product, and Release Management teams is essential to ensure security requirements are incorporated into all aspects of software development and delivery.
• Continuous improvement is a key focus, with the engineer expected to stay current with emerging security threats and best practices.

Requirements:

• Candidates must have 5+ years of experience in application security or software development, with at least 2 years in a cloud-native or SaaS company.
• Hands-on experience with secure coding practices and application development is required.
• A strong understanding of cloud well-architected frameworks, application development, and deployment workflows is necessary.
• Experience with release management processes and integrating security into deployment workflows is essential.
• Candidates should have a passion for improving quality processes through shift-left, automation, and tools.
• The role requires a self-starter who is motivated, autonomous, and responsible, with a history of shaping technical vision and architecture.
• Superior communication skills are necessary to communicate clearly with peers, customers, and leadership.
• Knowledge and expertise in essential web technologies such as Java Spring Boot, Java, JavaScript, Node.js, C#, and UI frameworks are required.
• Proficiency in secure coding standards and best practices, with hands-on experience implementing them, is essential.
• Experience leading secure code reviews and guiding developers on secure coding is required.
• A strong understanding of application security vulnerabilities (e.g., OWASP Top Ten) and prevention methods is necessary.
• Experience with top IaaS vendors (AWS, GCP, and Azure) and securing container ecosystems and Kubernetes orchestration is required.
• Familiarity with Jenkins, ArgoCD, or other continuous integration software is necessary.
• Experience operationalizing static analysis, software composition analysis, and dynamic analysis testing tools in the development pipeline is required.

Benefits:

• Reltio offers flexible work arrangements to help employees manage their personal and professional lives.
• The company has earned numerous awards and top rankings for its technology, culture, and people.
• Employees are encouraged to be part of a collaborative team focused on enabling digital transformation with connected data.
• Reltio is committed to equal employment opportunity and provides reasonable accommodation to applicants with physical and mental disabilities.