Hypori is hiring a
Senior Application Security Engineer

Summary

Join Hypori Inc, a leading provider of SaaS cybersecurity solutions, as an Application Security Engineer and dedicate your energy to both AppSec and related automation responsibilities. You will maintain a deep understanding of the security aspects of Hypori's product/system architecture and implementation patterns, participate in design and architecture reviews, be the go-to AppSec expert for technical software engineering, security, and compliance team members, contribute to awareness across the product & engineering organization by being a thought leader and enthusiastic evangelist, develop and maintain software security patterns to enable security/compliance/privacy-by-default engineering, lead automation and integration of vulnerability management tooling across artifact repositories, container registries, as well as other components of development and build pipelines, triage vulnerability and compliance testing results for technical implications, validate their applicability, determine exposure in a system/component context, and generate user stories for remediation efforts.

Responsibilities

• Maintain a deep understanding of the security aspects of Hypori's product/system architecture and implementation patterns; and participate in design and architecture reviews
• Be the go-to AppSec expert for technical software engineering, security, and compliance team members. Contribute to awareness across the product & engineering organization by being a thought leader and enthusiastic evangelist
• Develop and maintain software security patterns to enable security/compliance/privacy-by-default engineering, such as: secure coding and configuration standards, code snippets/templates for Infrastructure as Code, hardening of containerized applications, etc
• Lead automation and integration of vulnerability management tooling across artifact repositories, container registries, as well as other components of development and build pipelines
• Triage vulnerability and compliance testing results for technical implications, validate their applicability, determine exposure in a system/component context, and generate user stories for remediation efforts
• Contribute to development and implementation of technical compliance strategies across cloud infrastructure and system components (such as, recommended configurations for FIPS-validated crypto providers and segmentation of network-based information flows)
• Participate in ceremonies across multiple scrum teams to provide insights and capture concerns and needs related to application security, privacy, and compliance