Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Application Security Engineer at Ramp Talent

Remote: 
Full Remote
Contract: 
Full time
Work from: 
Utah (USA), United States

Offer summary

Qualifications:

4+ years in information technology/security, BS/MS in information security or computer science preferred, Experience with scripting and development languages, Strong background in web application security best practices.

Key responsabilities:

  • Review code for security vulnerabilities
  • Maintain library dependency trees and support penetration testing
Ramp Talent logo
Ramp Talent Human Resources, Staffing & Recruiting Small startup https://ramptalent.com/
2 - 10 Employees
About Ramp Talent
As a full-service, tech-enabled recruiting and talent management firm, we combine the precision of AI with the nuance of human empathy to master the recruitment lifecycle. Drawing on our foundational experience with HireVue, a leader in AI-driven digital interviewing, we bring unparalleled expertise in harnessing technology to identify top talent. At Ramp, we specialize in roles ranging from technical to leadership, building teams that are the driving force behind your business. We excel in aligning systems and teams, employing data-driven AI insights to ensure that every candidate not only aligns with your values and vision but also enhances your organizational culture. Our approach guarantees thoroughness and precision through technology, while our human touch ensures depth and understanding. Boasting decades of experience, we have been pivotal in scaling startups and driving growth in high-impact organizations worldwide. Our work goes beyond mere recruitment; we are passionate about the art of assembling dream teams. At Ramp, we take pride in our work and its transformative impact on businesses around the globe.
See all jobs

Job description

Our client, Filevine, is looking for an Application Security Engineer. Details below...

Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We’re also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field—we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc.

Our Mission Filevine is building the seamless intersection between legal and business by creating a world- class platform to help professionals scale.

Department Statement: The Information Security team ensures security engineering efforts are effective and aligned with industry standards and best practices.

Job Summary: Filevine is looking for a Application Security Engineer to join our Information Security team to ensure that our platform, applications, and infrastructure are compliant and secured at the highest levels, thus protecting, and enhancing customer trust. If you are bright, hardworking, ambitious and enjoy taking ownership for security and compliance, we want to talk to you. This is an exciting opportunity to join a world-class team.

Responsibilities
  • Review code for security vulnerabilities and assist in remediation.
  • Maintain accurate library dependency trees and correlate with CVE information.
  • Support penetration testing efforts in the company, including coordinating customer-initiated penetration tests and remediation efforts.
  • Provide primary support for private bug bounty or public bug bounty efforts and facilitate remediation with appropriate development teams.
  • Investigate claims of application security incidents.
  • Provide vulnerability remediation efforts and lead the vulnerability management program for the security team.
  • Identify end of support (EoS) and vulnerable libraries and code components which need to be prioritized for remediation and lead efforts of documenting and scoping necessary work.
  • Develop company-wide best practices for product and platform security.
  • Research security enhancements and make recommendations to management.
  • Stay up-to-date on application security trends and development standards.
Qualifications
  • 4+ years combined in information technology/security with emphasis on application security.
  • A BS/MS degree in a technical field such as information security or computer science can be considered as supplementary experience.
  • Experience with scripting and development languages (e.g., JavaScript, Python, C++)
  • Automation skills are required.
  • Strong history in advising and executing red-teaming exercises and alerting the SOC for appropriate incident response.
  • High degree of familiarity with web application security best practices and implementing secure enterprise web applications.
  • Significant experience with SIEM and logging technologies.
  • Knowledgeable with Threat Hunting practices.
  • Experience with SDLC processes and creating code scanning automations and run books / play books.
  • Experience with SAST scanning tools for code scanning and remediation processes.
  • Experience with DAST scanning tools for application testing
  • Experience with hardening web services, load balancers and web application endpoints.
  • Experience with Configuring WAF solutions and ensuring rules are aligned with the OWASP Top 10 recommendations.
  • Experience with AWS, GCP and Azure cloud infrastructure security.
  • Working knowledge of security requirements for SOC 2 Type I & II, HIPAA, GDPR, CCPA and CJIS.
  • Strong project management experience.
  • A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges.
  • Strong team player and work ethic are essential.
Preferred Qualifications
  • Significant experience with software engineering, incident response and security operations best practice.
  • Significant experience with orchestration and observability tools.
  • CCIE certification or equivalent experience.
  • CISSP certification or equivalent experience.
  • OSCP/GPEN/GXPN certification or equivalent experience.
  • GSEC certification or equivalent experience.
  • CISM certification or equivalent experience.

Required profile

Experience

Industry :
Human Resources, Staffing & Recruiting
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Application SecurityPenetration TestingVulnerability ManagementWeb Application SecuritySASSGeneral Data Protection Regulation (GDPR)C++ (Programming Language)Python (Programming Language)Project ManagementAutomationgRPCJavaScript (Programming Language)Threat AssessmentAmazon Web ServicesMicrosoft AzureCCURE (Security And Event Management System)Software EngineeringIncident ResponseSecurity Operations (SecOps)Observability

Other Skills

  • Persistence
  • Strong Work Ethic
  • Curiosity
Are you interested?

Security Engineer Related jobs

See more Security Engineer jobs