SaaS - Business Intelligence and predictive analytics for Sales and Marketing

Senior Security Engineer

$120k – $150k • No equity
DiscoverOrg is seeking a security-oriented software engineer who can take point in enhancing the organization's secure software development practices. This is a new role for DiscoverOrg, but an important one as we prepare for scale in the coming year. Come help us elevate this job function at DiscoverOrg.

Our tech stack consists of Java / J2EE applications utilizing Spring Framework with Angular front-ends. DiscoverOrg applications run in an Amazon Web Services cloud environment, making use of many Amazon platform services such as ECS, S3, Kinesis, SQS, RDS Aurora, ElastiCache, DynamoDB, and AWS WAF.

Candidates should come equipped with a working knowledge of security concepts and fundamentals, as well as their application to a dynamic, cloud-based web services environment. We deal in very large volumes of data and are actively building systems that create and increase value from this data. We are exploring machine learning, as well as scalable and resilient architectures to store, access and interact with our data. We regularly work with partners who access or enhance our data in a variety of ways, and we are exploring major enhancements to our customer-facing user interfaces and the technologies to build them. This presents a great opportunity for someone with the right experience to help us enhance our security best practices for existing and future software development.

Here's what a typical day will look like in this role: 


Serve as a Subject Matter Expert (SME) in the fields of application and infrastructure security.
Perform penetration tests, code audits, and design reviews.
Advocate for & educate on security, secure design, and coding practices throughout.
Collaborate with engineering teams to implement customer-facing security features.
Maintain strong knowledge of common security vulnerabilities, attack vectors, and remediation techniques.
Develop technical solutions to help mitigate security vulnerabilities.
Drive security requirements through designing and building prototypes and / or proofs of concept.
Deliver design documents and create user stories.
Evaluate, implement, and support security-focused tools and services.
Execute projects effectively and efficiently.
Lead all activities supporting security certifications and audits (SOC2, ISO 27001, etc.).

You're likely a great fit if you have most of the following: 


5+ years of experience practicing secure software development and architecture.
Experience with common vulnerability scanning and reporting tools (e.g. Burp Scanner, Nessus).
Experience with automated static code analysis tools from a secure software development standpoint.
Experience working on code audits, pen-tests, or similar projects.
Experience with Java and JavaScript / Angular Framework.
At least 5 years of experience in cloud security architecture and in SaaS applications.
Knowledge of a broad range of attack vectors and exploits (AWS Service/API, OS, JVM, database, RESTful API, and Front End).
Excellent technical documentation skills.
Results driven, creative, professional, persistent, quality oriented, and self-motivated work style.
Flexibility to the needs of the business.
High-volume log collection & SIEM experience.
Experience as an open source project contributor is a plus.


Here are some other skills that would add value in this role:


RDBMSs (e.g. MySQL, Oracle, PostgreSQL)
ElasticSearch
ORMs, preferably MyBatis
Automated Testing (GUI and backend), User Acceptance Testing
Correlation of security events across multiple layers (e.g. network activity, OS logs, application audit trails)
Knowledge of OAuth 2.0 / OpenID Connect
Web Application Firewall & Intrusion Prevention Systems, with ability to write rulesets in response to vulnerabilities
Analysis of captured traffic at the packet or API call level
Forensic analysis of compromised systems or services
Automated responses to security auditing events
Recognized participation in security industry events (e.g. conference presentations, Capture The Flag or other security competitions)

Perks and Benefits:

Competitive salary and bonuses
Medical, Dental, Vision Coverage
401(k) with employer match
Work from home flexibility
Competitive PTO 
Paid Sick Leave
Short-Term & Long-Term Disability
Life Insurance, AD&D Insurance
In-office soda machines
Quarterly offsite company awards
Annual company offsite event
10+ employee activity clubs

DiscoverOrg is an Equal Employment Opportunity (EEO) employer. We are committed to promoting a diverse and inclusive work environment. Our policy on equal opportunity and anti-discrimination applies to all terms and conditions of employment.
