Senior Application Security Engineer
- LogRhythm is seeking an Application Security Engineer to assist our team in shipping secure products. This role will have a significant focus on code reviews and vulnerability scanning. You will help ensure that LogRhythm products adhere to corporate and product certification requirements, secure LogRhythm’s development and production environments, and protect customer data.
- You will perform code reviews, application security assessments and threat modeling. You will also deliver security training for developers, and generally raise developer awareness of security best practices. You will work cross functionally with your peers in the engineering organization.
Here’s an overview of the responsibilities & challenges ahead:
- Perform manual and automated security assessments (e.g. manual code reviews, web application vulnerability assessments, etc.) to drive measurable security improvements in LogRhythm’s products.
- Review assessment reports and coordinate with engineering to ensure findings are remediated.
- Be an active participant in advocating for and improving security throughout the SDLC.
- Provide training and mentorship on secure coding best practices to engineering team members.
- Consult with development and operations teams to provide mentorship and recommend secure design patterns.
- Remain up to date with emerging and active threats, and review and apply the latest security research / threat intelligence.
Required skills, background, and experience:
- Bachelor’s degree in Computer Science or related field.
- 3+ years of experience in Application Security.
- Experience in SEI CERT Coding Standards for Java.
- Knowledge of best practices for microservices architectures: Kubernetes, Istio Service Mesh, API Gateways.
- Knowledge of application-level attacks and mitigation methods, with a thorough understanding of the OWASP Top 10.
- Knowledge of DAST, SAST, and Software Composition Analysis.
- Understanding of compliance standards and how they impact software products and cloud operations.
- General security and secure coding certifications are a plus.
- Contributions to the security community are a plus: research papers, public CVEs, conference talks, open source, etc.
LogRhythm offers the following benefits for this position, subject to applicable eligibility requirements:
- 401k plan
- Flexible time off
- Birthday day off
The annual starting salary for this position is between 140k and 160k, depending on experience and other qualifications of the successful candidate.
Bring your Whole Self to Work!
Diversity, equity, and inclusion are at the core of who we are. At LogRhythm, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors.
- Gartner Leader in Security
- TB company
- Award-winning SIEM Platform