Sr. Application Security Engineer
Posted on Thursday, July 27, 2023
1) The market leader in digital analytics with the mission of delivering the world’s leading cyber risk analytics on one of the most critical risks of today and the future.
2) Exceptionally well-funded startup that has raised over $100MM of capital from top-tier investors that has no need for any additional capital in this current market environment
3) Explosive team growth (from 15 employees in SF to >100 people globally).
4) Explosive client base growth path with a >99% retention rate.
5) An incredibly diverse, collaborative, and high-performing team of insurance industry professionals, data scientists, and engineers who love working here.
6) CyberCube and its products win industry awards every year (eg. Cyber Risk Solution of the Year & Stress Scenario Software of the Year in 2023). We were recognized with 9 awards in 2022.
7) Senior leadership has a continuous commitment to team members doing the best work of their careers.
8) CyberCube is just a place where you can get things done!
9) Ranked #11 on Forbes America's Best Startup Employers.
We are looking for a Sr. Application Security Engineer, who will be responsible for aligning our Software Development Life Cycle with security best practices, conducting security assessments on code changes and in general maturing our application security framework, processes and toolsets.
- Own the application security capability
- Drive the technical direction and roadmap of the application security program
- Lead application security reviews and threat modeling, including code reviews and dynamic testing
- Collaborate with development teams to prepare application security code fixes
- Implement and scale automated security testing to validate that secure coding best practices are being used
- Enable secure development practices through training
- Familiarity with common security libraries, security controls, and common security flaws
- Development or scripting experience and skills. Node.js and Java are preferred
- Experience with OWASP, static/dynamic analysis, and common security tools
- Experience identifying security issues through code review
- Experience working with developers
- Familiarity with securing applications built on cloud computing environments (AWS preferred)
- Understanding of authorization frameworks (OAuth and JWT)
- Experience working with source control (git, github, bitbucket etc.)
- Experience integrating application security functions into CI/CD processes
Why You'll Love It Here
- Play an instrumental role in reshaping one of the oldest industries in the world
- Competitive salary and meaningful early stage equity
- Company paid learning and development assistance
- Flexible working hours and the option to work from home when necessary
- Company supported mentorship program
- Grow in a collaborative, respectful, and empathetic culture
CyberCube Analytics, Inc. is an equal opportunity employer. We don’t tolerate discrimination against age, gender, gender identity, gender expression, sexual orientation, race, color, nationality, ethnicity, religion, disability, veteran status, protected genetic information or political affiliation.