Quanata is hiring a
Senior Application Security Engineer, Remote - Worldwide

Summary

Quanata is seeking a highly experienced Senior Application Security Engineer to join their Information Security team. The role involves developing and implementing high-level application security architecture, collaborating with development teams, creating threat models, and ensuring compliance with industry regulations. The ideal candidate has 8 years of experience in information security, including 5 years in application security engineering.

Requirements

• 8 years of experience in information security, to include 5 years of experience in application security engineering
• Expertise in security-by-design principles and a deep understanding of application security frameworks and standards
• Experience in working with software development teams, providing security oversight in complex application ecosystems
• Familiarity with OWASP and relevant standards like ASVS and MASVS
• Familiarity with the regulatory environment of the insurance industry or a similarly regulated industry and its impact on application security
• Strong skills in threat modeling, risk assessment, and vulnerability management
• Proficient in at least one programming language and relevant security tools
• Excellent communication skills, with the ability to lead security initiatives and train teams on security best practices

Responsibilities

• Develop and implement high-level application security architecture across diverse projects
• Collaborate with development and product teams to integrate advanced security solutions by design into business-critical applications
• Create and refine application threat models, emphasizing robust security measures tailored to the unique challenges of the insurance sector
• Create application security architecture patterns, and product security requirements
• Perform security code reviews and application security testing
• Provide strategic guidance on application security best practices and oversee the implementation of these practices in software development life cycles
• Evaluate and respond to vulnerabilities identified through internal security testing, prioritizing according to business impact
• Drive initiatives to enhance security awareness and practices within the application development teams

Benefits

• Medical, dental, vision, life insurance and supplemental income plans for you and your dependents
• Headspace app subscription
• Monthly wellness allowance
• 401(k) Plan with a company match
• One-time payment of $2K for in-home office equipment and furniture
• Paid time off: Four weeks of PTO in the first year of employment, twelve weeks of fully paid parental leave
• Up to $5000 each year for professional learning, continuing education and career development
• Udemy subscriptions and access to multiple different coaching opportunities through BetterUp