Senior Software Security Engineer

We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.

Job Description:

We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high

performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers

you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the

finish line is always sweeter when the whole team crosses together.

Overview:

- As a Senior Software Security Engineer you will build security into the product at each stage of the SDLC. You will work with software engineers, security teams, and product management to provide technical advice to ensure secure implementation of software products.

Primary Responsibilities:

- Hands-on contributions to software implementation and maintenance of product security features

- Perform secure design reviews, identify security gaps and propose mitigations

- Provide security subject matter expertise following best practices, standards, and policies across areas such as identity and access

management, cryptography, web security, cloud security, and more

- Participate in investigation and remediation of vulnerabilities affecting software products

- Partner with Software Architecture, Software Engineers and other stakeholders for ensuring security best practices and secure software

implementation

Requirements:

- Minimum 5+ years of proven experience successfully delivering secure software throughout a Software Development Lifecycle

- Experience in a programming language such as Modern C++, C#, Rust, Golang, Java, or Scala

- As a security advocate you will take the initiative to collaborate with stakeholders across the organization, including software engineering

teams and product owners, to provide pragmatic security solutions

- Understanding of how to diagnose software build and scan results, such as CI/CD, SAST, DAST, SCA, and Container scans

- Bachelor’s degree and/or equivalent experience in computer science, information technology, or related field

Desirable:

- Able to discuss and provide clear technical guidance on cryptographic concepts like cryptography, hashing, encoding, key management, etc.

- Strong knowledge of software vulnerabilities, mitigations , threat modeling, risk assessment, and vulnerability management

- Extensive experience writing and code reviewing Modern C++ codebases

- Strong experience with SaaS applications and Cloud technology such as GCP, AWS, Docker/Containers, Kubernetes, and microservice architectures

- Experience developing or maintaining CI/CD and scanning systems (e.g. can implement and maintain a system that helps findvulnerabilities)

- Experienced in software security testing (SAST, DAST, SCA, Manual Penetration Testing and Vulnerability Management)

- Demonstrable practical experience integrating and maintaining cryptographic systems/libraries into software projects

- Strong knowledge of software design patterns and security analysis

Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we’re invested in building teams with a wide variety of backgrounds, identities, and experiences.

This position involves access to software/technology that is subject to U.S. export controls. Any job offer made will be contingent upon the applicant’s capacity to serve in compliance with U.S. export controls.