Our Team
Join our innovative team as a Lead Application Security Engineer and become a pivotal force in enhancing our Secure Software Development Life Cycle (SSDLC). You will champion secure software practices, empowering our developers with the tools and knowledge to confidently explore new technologies while leading efforts to improve our overall security posture. This role offers a unique opportunity to shape the future of secure software development within a dynamic and collaborative environment.
What You Will Do
-
Collaborate with developers to integrate security best practices throughout the Software Development Life Cycle .
-
Develop and implement automation for security tooling to streamline processes and enhance the developer experience.
-
Define and track key metrics to measure compliance with security standards, and create reports for various stakeholders.
-
Conduct vulnerability assessments and provide actionable recommendations for remediation in applications.
-
Manage and maintain security tools, including those for static and dynamic analysis and vulnerability scanning.
-
Actively participate in the Incident Response process, focusing on analysis and implementation of corrective actions.
-
Develop and deliver engaging training on application security best practices.
Your Qualifications
At Cimpress, we are striving to hire individuals that add new ideas and perspectives to our teams and enhance our culture! No matter your background or work experience, we strongly encourage you to apply—even if you feel that you don’t meet the exact requirements or have the same qualifications. You might be a great candidate for this or other opportunities!
-
Communication: Excellent verbal and written communication skills to effectively present solutions, share expertise, and collaborate with diverse teams.
-
Security Knowledge: Proven experience with web application security and microservice architecture.
-
Cloud Proficiency: Hands-on experience with one major Cloud Infrastructure platforms (AWS, GCP, Azure) and Infrastructure as Code (IaC) principles.
-
Development Skills: Proficiency in one or more programming or scripting languages such as Python, JavaScript, PowerShell, or Bash.
Nice to Have
-
Security Acumen: While direct security experience is preferred, a strong willingness to learn and adapt to evolving security challenges is crucial.
-
SSDLC Security: Knowledge of Threat Modeling, SAST, SCA, and security best practices throughout the software development lifecycle.
-
Additional Programming: Familiarity with other programming languages like Java, Node.js, .Net, Python, Rust or Go.
-
Identity & Access Management: Knowledge of Identity and Access Management (IAM) concepts and protocols (e.g., OAuth2, OpenID Connect).
Why You'll Love Working Here
We encourage our engineers to think like owners – to continue to act small as we grow. Every team defines their own roadmaps, and uses the programming languages and technologies that suit them best. This helps us have a big impact at the enterprise level while still feeling small and nimble. We have a Remote-First operating model and culture, with team members in over 15 countries and 30 US states, offering autonomy and the flexibility to work from home. Cimpress also provides collaboration spaces for team members to work physically together.
About Us
Led by founder and CEO Robert Keane, Cimpress invests in and helps build customer-focused, entrepreneurial mass customization businesses. Cimpress Technology develops cutting-edge, best-in-world software that our mass customization businesses use to create personalized physical (and digital) products, for over 17 million global customers. Our businesses can choose the solutions that work for them, or assemble any custom combination they need. This makes it easier and faster to do things like introduce new products, reach customers and track orders. And this kind of innovation keeps customers coming back.
Commitment to Diversity, Equity, & Inclusion
Cimpress exists to help our customers live their dreams. Each dream is unique – and the Cimpress team needs to be as well. We believe in the unique contributions of everyone within a diverse global organization. We are collaborative, inclusive, and innovative. We strive to role model and live an inclusive culture of fairness, respect and belonging for all. And we work together to empower each other, creating a space in which each of us can spark our next great idea.
Equal Opportunity Employer
Cimpress Technology, a Cimpress company, is an Equal Employment Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, sex, national or ethnic origin, nationality, age, religion, citizenship, disability, medical condition, sexual orientation, gender identity, gender presentation, legal or preferred name, marital status, pregnancy, family structure, veteran status or any other basis protected by human rights laws or regulations. This list is not exhaustive and, in fact, in many cases, we strive to do more than the law requires.
#LI-KB23
