Senior Application Security Engineer # US-Virginia-Tysons Corner View All JobsCompany Web SiteView All Jobs Senior Application Security Engineer Email This Job Your First Name Your Last Name Your E-Mail Address E-Mail Address to Share With Subject Message Prove you’re not a robot Send E-MailClose US-Pennsylvania-Pittsburgh-Remote – Apply – – – – Employee Referral Tell Us Who You AreFirst Name Last Name E-Mail Address Please complete all 3 fields. How Do You Want to Share? – – Close Cvent is an exciting, fast-growing tech company that provides industry-leading software to more than 300,000 event professionals and hoteliers around the world. The economic significance of our industry is undeniable: Meetings and events boost the global GDP by more than $1.5 trillion and impact nearly 26 million jobs; and for more than 20 years, Cvent has led the transformation of our industry with our market-leading technology. Cvent’s Information Security team seeks a Senior Application Security Engineer to support delivery of secure cloud-based software platforms and applications. As Senior Application Security Engineer, you will closely partner with Cvent product and engineering teams and be responsible for applying your cloud and web application security subject matter expertise to conduct product security reviews that consist of: – Leading threat modeling and secure architecture reviews; – Conducting static and dynamic application security testing, including penetration testing using manual techniques and automated tools; – Handling reporting and driving timely resolution of security gaps; and – Engaging with clients and external parties to provide product security assurance. What You Will Be Doing: To be a successful Senior Application Security Engineer, you will rely on your strong technical and interpersonal communication skills to identify and productively address cloud and web application security weaknesses that may put Cvent platforms and customer data at risk. You will be responsible for managing multiple, high-profile projects, adapt quickly to shifting priorities and a cutting-edge technology landscape, and complete tasks on time in a fast-paced tech company. More specific responsibilities you will have include: – Drive a secure SDLC program with the product and engineering teams, ensuring secure coding and threat modeling practices are adopted and taking place. – Conduct threat modeling and static/dynamic application security testing with automated and manual testing techniques. – Report and triage vulnerabilities found via various techniques, such as SAST, DAST, penetration testing, and reports from the field (such as from QA teams, customers, and/or the security research community). – Track, support planning for, and ensure timeliness of, remediation of open product weaknesses or vulnerabilities. – Advise and partner with product and engineering teams to ensure security is championed throughout their teams and reflected in software development practices. – Engage with customers and relevant external parties to provide assurance in Cvent’s software security practices, product security posture and communicate security roadmap plans and status updates, as appropriate. – Coordinate security penetration testing activities conducted by trusted security partners and/or customers, as applicable. – Support technical audit activities to maintain compliance with Cvent’s internal security policies and security attestation standards and certifications, such as PCI, SOC 1 / SOC 2, CSA STAR, and ISO 27001. What You Need For This Position: – 3+ years of experience in application security, preferably with a coding/development background. – Bachelor’s degree in an Information Technology related field of study or equivalent experience; relevant, industry recognized security certifications such as CISSP, CEH, GWAPT are encouraged. – Strong working knowledge of secure coding and manual reviews. – Experience in threat modeling and application security architectures reviews. – Strong experience in manual penetration testing of web applications; experience testing mobile and API (REST and SOAP) applications a plus. – Experience in using security testing tools such as Checkmarx, Burpsuite, AppScan, and DataTheorem. – Exceptional communication, teamwork, and influencing skills that foster a collaborative and continuous-improvement environment. – Ability to effectively communicate technical issues to both technical and non-technical audiences. – Ability to adapt to a hyper-growth pace and changing priorities. – Ability to manage multiple, concurrent projects, activities, and tasks under tight time constraints. – Self-motivation and the ability to work under minimal supervision. At Cvent we celebrate, support and are committed to creating a diverse and inclusive environment. We’re proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other legally protected characteristics. Cvent maintains a drug-free workplace Physical Demands Notice Powered by Hirebridge
To apply for this job please visit itjobpro.com.