Search by job, company or skills

Latest Jobs, Job Vacancies, Recruitment - foundit Formerly Monster. Search 500,000 + Jobs openings . Apply online IT, Sales, Banking, Fresher, Walk-ins, Part time, Govt jobs, etc. on foundit Formerly Monster. Post your resume now!.

Application Security Engineer II

Cvent

    Highlights

    Job Description

    More Info

    Recruiter Info

3-5 Years
21 days ago
21 Viewed
2 Applied

Job Description

Cvent's Information Security team seeks Application Security Engineer II to support delivery of secure cloud-based software platforms and applications. As an Application Security Engineer II, you will closely partner with Cvent product, engineering, and the application security team. You will be responsible for applying your cloud and web application security subject matter expertise to conduct product security reviews that consist of:

  • Contribute to the AppSec Research and Engineering program by developing solutions to common security problems across Cvent products and automating operational activities.
  • Support developing threat models to help identify risks in product design and implementation
  • Participating in software design requirements and architectural reviews
  • Handling reporting and driving timely resolution of security weaknesses or defects; and
  • Engaging with internal stakeholders, security researchers, and customers to provide product security assurance.

To be a successful Application Security Engineer II, you will rely on your strong technical and interpersonal communication skills to identify and productively address cloud and web application security weaknesses that may put Cvent platforms and customer data at risk. You will be responsible for managing multiple, high-profile assignments, adapt quickly to shifting priorities and a cutting-edge technology landscape, and complete tasks on time in a fast-paced tech company. More specific responsibilities you will have include:

  • Develop solutions for common security problems across Cvent products, contribute to AppSec Engineering projects.
  • Develop threat models, conduct static/dynamic application security testing and internal penetration tests.
  • Report and triage vulnerabilities found via various techniques, such as SAST, DAST, penetration testing, and reports from the field (such as from QA teams, customers, and/or the security research community).
  • Track, support planning for, and ensure timeliness of remediation of open product weaknesses or vulnerabilities.
  • Partner with product and engineering teams to ensure security is championed throughout their teams and reflected in software development practices.
  • Engage with customers and relevant external parties to provide assurance in Cvent's software security practices, product security posture and communicate security roadmap plans and status updates, as appropriate.
  • Coordinate security penetration testing activities conducted by trusted security partners and/or customers, as applicable.
  • Support technical audit activities to maintain compliance with Cvent's internal security policies and security attestation standards and certifications, such as PCI, SOC 1 / SOC 2, CSA STAR, and ISO 27001.

  • 3+ years of experience in application security and software development
  • Scripting (python, ruby, groovy, etc.) experience to automate application security operational tasks and develop solutions for common security problems.
  • Strong working knowledge of secure coding and manual reviews.
  • Experience in threat modeling and application security architectures reviews is a plus.
  • Strong experience in manual penetration testing of web applications; experience testing mobile and API (REST and SOAP) applications a plus.
  • Experience in using security testing tools such as Checkmarks, Burpsuite, AppScan, and DataTheorem.
  • Exceptional communication, teamwork, and influencing skills that foster a collaborative and continuous-improvement environment.
  • Ability to effectively communicate technical issues to both technical and non-technical audiences.
  • Ability to adapt to a hyper-growth pace and changing priorities.
  • Ability to manage multiple, concurrent projects, activities, and tasks under tight time constraints.
  • Self-motivation and the ability to work under minimal supervision.
  • Bachelor's degree in an Information Technology related field of study or equivalent experience; relevant, industry recognized security certifications such as CISSP, CEH, GWAPT are encouraged.

Follow
Save
Report

Similar Jobs

Security Engineer II

Company Name Confidential

Application Security DevOps engineer

Company Name Confidential

People also considered

DelhiBengaluru / BangaloreNoidaMumbaiHyderabad / Secunderabad Telangana
Last Updated: 29-05-2024 07:42:19 AM
Home Jobs in Gurugram Application Security Engineer II
Beware of Scammers

We don’t charge money for job offers