Remote Senior Application Security Engineer
Box Inc Deutschland
$154k-$226k
Remote - United States
Please let Box Inc Deutschland know you found this job on JobsCollider. Thanks!
Job highlights
Summary
Join Box as a Senior Application Security Engineer to proactively find security gaps and partner with development teams to close those gaps quickly. You will own the end-to-end secure development requirements, the discovery of vulnerabilities through penetration testing, and the identification of remediation tactics specific to the product tech stack.
Requirements
- 5+ years of experience with creating secure coding requirements, conducting threat models and pen testing software end-to-end
- Passionate about working with developers to help them develop code securely
- Expert in determining the severity of a vulnerability and its impact to the business
- Expert with common security testing methodologies, including fuzz testing and using tools like Burp Suite
- Experience with the process of developing, building, and shipping secure code
- Understand secure engineering best practices and can articulate problem statements and propose solutions to both technically savvy and non-technical audiences
- Experience with multiple languages such as Java, React, Node.js, PHP, Scala, C and/or Python to perform secure code reviews
- Understand how to detect and prioritize Front End, API, Microservice and Container vulnerabilities
- You have a passion for cyber security demonstrated through participation/leadership in webinars, Capture the Flag (CTF), TryHackMe, Hack The Box, Bug Bounty Programs, submission of CVEs and/or personal security projects
- Strong understanding of past, current, and emerging security exploits and the TTPs (tactics, techniques, and procedures) threat actor groups leverage
- Ability to communicate and report to various levels of technical and non-technical stakeholders
Responsibilities
- Conduct product/feature-level Design Reviews, Code Reviews, Threat Modeling, Penetration Testing and Vulnerability Risk Analysis
- Lead manual security reviews and create secure coding requirements
- Discover vulnerabilities through web and mobile penetration testing
- Evaluate products for how a threat actor could leverage user-facing flows for malicious activity
- Deliver reports on completed tests and document technical issues identified during the assessments
- Collaborate with Product, Engineering and broader security teams to provide recommendations for solutions focused on decreasing business risks
- Support the Bug Bounty/VDP program through triaging submissions and proposing remediations
- Identify and maintain standards and procedures around the use of open source software
Benefits
- Healthcare benefits
- Additional Box Benefits + Perks