Podium is hiring a
Application Security Engineer in United States

Summary

The job is for an Application Security Engineer at Podium, responsible for ensuring high security standards in application services, addressing both legacy and emerging issues, and implementing secure development practices. The candidate will also assess the security of applications for business-to-business initiatives, third-party relationships, and vendors.

Requirements

• 4+ years of cybersecurity experience with a deep background (preferably 5+ years) in application programming
• Technical and analytical expertise, including threat modeling, vulnerability testing, and proficiency in software development (Java, Python, C++, Ruby, etc.)
• Solid understanding of network and web protocols, experience with intra-company and third-party APIs, and proficiency with dynamic and static analysis tools
• Excellent communication of business risk from cybersecurity issues and a track record of integrity, excellence, curiosity, and adaptability

Responsibilities

• Perform vulnerability and penetration testing, emphasizing automation for testing and remediation
• Collaborate with developers, DevSecOps, and other teams to conduct repetitive validation testing and ensure a continuous cycle of secure development
• Stay updated on public-facing security issues, adopt new testing tactics, and actively participate in application projects and change management committees
• Define and follow a security review process, utilizing dynamic and static code analysis resources
• Document delivery advances meeting service-level agreements (SLAs) and business metrics
• Align with architects and development teams for secure design, actively engaging in information security projects
• Respond to service and escalation tickets, conduct performance testing, and contribute to local security groups/organizations and conferences

Preferred Qualifications

• Experience with applications in AWS, Microsoft Azure, or GCP, and proficiency in cryptography controls
• DevOps background in public and private clouds, scripting skills in Python, JavaScript, PowerShell, PHP, or Ruby
• Familiarity with ISO 27001, NIST, PCI DSS, HIPAA, HITECH Act, SOX, GDPR, CIS standards, or SOC 2
• Working knowledge of Windows, Linux, Unix, and state privacy laws
• Highly trustworthy with leadership qualities
• Bachelor’s degree in computer science, information assurance, MIS, or related field, or equivalent experience

Benefits

• Open and transparent culture
• Life insurance, long and short-term disability coverage
• Paid maternity and paternity leave
• Fertility Benefits
• Generous vacation time, plus three 4-day summer holiday weekends
• Excellent medical, dental, and vision benefits
• 401k Plan with competitive company matching
• Bi-annual swag drops with cool Podium gear and apparel
• A stellar HQ (Utah) gym with local professional coaches and classes offered
• Onsite HQ (Utah) child care center, subsidized for employees
• Additional benefits for fully remote employees